Mar 12, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical exposure

CVE-2023-42789 Fortinet FortiOS Out-of-Bounds Write

  • CVSS 9.8

New critical Fortinet FortiOS Out-of-Bounds Write (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-48788 Fortinet FortiClient EMS SQL Injection

  • CVSS 9.8

New critical Fortinet FortiClient EMS SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2024-1301 SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier.

  • CVSS 9.8

New critical Badger Meter Monitool SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2023-42789 CVSS 9.8

An out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 thr...

CVE-2023-47534 CVSS 9.6

An improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10,...

CVE-2024-1301 CVSS 9.8

SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier.

CVE-2024-1527 CVSS 9.8

Unrestricted file upload vulnerability in CMS Made Simple, affecting version 2.2.14.

CVE-2024-21334 CVSS 9.8

Open Management Infrastructure (OMI) Remote Code Execution Vulnerability

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

CVE-2024-24093 CVSS 9.8

SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via Personal Information...

CVE-2024-24101 CVSS 9.8

Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Eligibility Information Update.

CVE-2024-2413 CVSS 9.8

Intumit SmartRobot uses a fixed encryption key for authentication.

cvelogic Threat Intelligence