Feb 22, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • ConnectWise ScreenConnect added to CISA KEV — confirmed in-the-wild exploitation.
  • 7 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-1709 ConnectWise ScreenConnect Authentication Bypass

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Authentication bypass — unauthenticated access risk

ConnectWise ScreenConnect Auth Bypass is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2023-51389 Hertzbeat is a real-time monitoring system.

  • CVSS 9.8

New critical Apache Hertzbeat Deserialization (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-51653 Hertzbeat is a real-time monitoring system.

  • CVSS 9.8
  • Remote code execution exposure

New critical Apache Hertzbeat RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

ConnectWise ScreenConnect Authentication Bypass

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-1783 CVSS 9.8

A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130/9.3.5u.6698_B20230810.

CVE-2024-22393 CVSS 9.1

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1.

CVE-2024-25802 CVSS 9.8

SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function.

CVE-2024-25850 CVSS 9.8

Netis WF2780 v2.1.40144 was discovered to contain a command injection vulnerability via the wps_ap_ssid5g parameter

View critical disclosures

cvelogic Threat Intelligence