Nov 14, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Palo Alto Networks Expedition: 2 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-9463 Palo Alto Networks Expedition OS Command Injection

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Palo Alto Networks Expedition Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2024-48966 The software tools used by service personnel to test & calibrate the ventilator do not support us...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2024-48967 The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detecti...

  • CVSS 10

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Palo Alto Networks Expedition OS Command Injection

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2024-10924 CVSS 9.8

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0...

CVE-2024-31695 CVSS 9.8

A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS v2.85.4, allows attackers to bypass authe...

CVE-2024-48966 CVSS 10

The software tools used by service personnel to test & calibrate the ventilator do not support user authentication.

CVE-2024-48967 CVSS 10

The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent...

CVE-2024-48970 CVSS 9.3

The ventilator's microcontroller lacks memory protection.

CVE-2024-48971 CVSS 9.3

The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in plaintext form.

CVE-2024-48973 CVSS 9.3

The debug port on the ventilator's serial interface is enabled by default.

CVE-2024-48974 CVSS 9.3

The ventilator does not perform proper file integrity checks when adopting firmware updates.

CVE-2024-9834 CVSS 9.3

Improper data protection on the ventilator's serial interface could allow an attacker to send and receive messages that result in unautho...

View critical disclosures

cvelogic Threat Intelligence