Aug 21, 2023 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Adobe ColdFusion added to CISA KEV — confirmed in-the-wild exploitation.
- Tsplus Remote Access: public exploit or PoC linked
- 9 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2023-26359
Adobe ColdFusion Deserialization of Untrusted Data
- Actively exploited (CISA KEV)
- Listed on CISA KEV
- Remote code execution exposure
Adobe ColdFusion RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Active exploit activity
CVE-2023-31067
An issue was discovered in TSplus Remote Access through 16.0.2.14.
- Public exploit or PoC available
- Exploit activity linked
Public exploit or PoC linked — exploitation bar is lower than disclosure-only CVEs.
Critical exposure
New critical disclosure (CVSS 9.9) — high severity with a short public awareness window before exploit material typically surfaces.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Adobe ColdFusion Deserialization of Untrusted Data
View KEV additions
Exploit & PoC activity
An issue was discovered in TSplus Remote Access through 16.0.2.14.
An issue was discovered in TSplus Remote Access through 16.0.2.14.
An issue was discovered in TSplus Remote Access through 16.0.2.14.
An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5).
Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to r...
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
An issue was discovered in kdmserver service in LeEco LeTV X43 version V2401RCN02C080080B04121S, allows attackers to execute arbitrary co...
Due to improper input validation, an authenticated remote attacker could execute arbitrary commands on the target system.
user_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted...
The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.
Ivanti Sentry Authentication Bypass
Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scann...
An issue in Gaberiele Venturi pandasai v.0.8.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the...
SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite versio...
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19...
View critical disclosures
cvelogic
Threat Intelligence