Jan 10, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Ivanti Connect Secure and Policy Secure: 2 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2023-29357 Microsoft SharePoint Server Privilege Escalation

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Potential privilege escalation to admin/root

Microsoft SharePoint Server Privilege Escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2023-40414 A use-after-free issue was addressed with improved memory management.

  • CVSS 9.8
  • Remote code execution exposure

New critical Apple iPadOS RCE (CVSS 9.8). This is a fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-51126 FLIR AX8 Firmware Command Injection

  • CVSS 9.8

New critical FLIR AX8 Firmware Command Injection (CVSS 9.8). This is a fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Ivanti Connect Secure and Policy Secure Authentication Bypass

Ivanti Connect Secure and Policy Secure Command Injection


Exploit & PoC activity

Nothing flagged in this category for this digest.


Exploitation dynamics

Nothing flagged in this category for this digest.


New critical disclosures

CVE-2023-31488 CVSS 9.8

Hyland Perceptive Filters releases before 2023-12-08 (e.g., 11.4.0.2647), as used in Cisco IronPort Email Security Appliance Software, Ci...

CVE-2023-40414 CVSS 9.8

A use-after-free issue was addressed with improved memory management.

CVE-2023-51123 CVSS 9.8

An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the...

CVE-2023-51126 CVSS 9.8

Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value pa...

CVE-2023-51967 CVSS 9.8

Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function getIptvInfo.

CVE-2023-51968 CVSS 9.8

Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function getIptvInfo.

CVE-2023-51969 CVSS 9.8

Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function getIptvInfo.

CVE-2023-51970 CVSS 9.8

Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.

CVE-2023-52064 CVSS 9.8

Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the $keywords parameter at /core/admin/copyfrom.php.

CVE-2024-21638 CVSS 9.1

Azure IPAM (IP Address Management) is a lightweight solution developed on top of the Azure platform designed to help Azure customers mana...


cvelogic Threat Intelligence