Sep 10, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows: 3 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-38014 Microsoft Windows Installer Improper Privilege Management

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Potential privilege escalation to admin/root

Microsoft Windows privilege escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2024-45409 The Ruby SAML library is for implementing the client side of a SAML authorization.

  • CVSS 10
  • Potential privilege escalation to admin/root

New critical GitLab privilege escalation (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2023-36103 Tenda AC15 Firmware Command Injection

  • CVSS 9.8

New critical Tenda AC15 Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Microsoft Windows Installer Improper Privilege Management

Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure

Exploit & PoC activity

Nothing flagged in this category for this digest.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2023-36103 CVSS 9.8

Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary comman...

CVE-2023-37234 CVSS 9.8

Loftware Spectrum through 4.6 has unprotected JMX Registry.

Azure Stack Hub Elevation of Privilege Vulnerability

CVE-2024-43040 CVSS 9.1

Renwoxing Enterprise Intelligent Management System before v3.0 was discovered to contain a SQL injection vulnerability via the parid para...

CVE-2024-43491 CVSS 9.8

Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Compo...

CVE-2024-44677 CVSS 9.8

eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the Da...

CVE-2024-44893 CVSS 9.8

An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to escalate privileges via a crafted GET re...

CVE-2024-45409 CVSS 10

The Ruby SAML library is for implementing the client side of a SAML authorization.

Nix is a package manager for Linux and other Unix systems.

CVE-2024-8503 CVSS 9.8

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records.

cvelogic Threat Intelligence