Mar 5, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Android Pixel added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2021-36380 Sunhillo SureLine OS Command Injection Vulnerablity

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Sunhillo SureLine Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2024-27565 Dirk1983 Chatgpt-wechat-personal SSRF

  • CVSS 9.8

New critical Dirk1983 Chatgpt-wechat-personal SSRF (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-27764 Jeewms privilege escalation

  • CVSS 9.8
  • Potential privilege escalation to admin/root

New critical Jeewms privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Sunhillo SureLine OS Command Injection Vulnerablity

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2023-38944 CVSS 9.8

An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01.10_pt allows attackers to bypass the acce...

CVE-2023-38945 CVSS 9.8

Multilaser RE160 v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01, Multilaser RE160V v12.03.01.08_pt and V12.03.01.09_pt, and Multilaser RE163V v1...

CVE-2024-2055 CVSS 9.8

The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management capabilities.

CVE-2024-2056 CVSS 9.8

Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service.

CVE-2024-22252 CVSS 9.3

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller.

CVE-2024-22253 CVSS 9.3

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller.

CVE-2024-24275 CVSS 9.6

Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitiv...

CVE-2024-24276 CVSS 9.6

Cross Site Scripting (XSS) vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain se...

CVE-2024-27565 CVSS 9.8

A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to...

CVE-2024-27764 CVSS 9.8

An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the AuthInterceptor component.

View critical disclosures

cvelogic Threat Intelligence