Dec 19, 2024 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) added to CISA KEV — confirmed in-the-wild exploitation.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2024-12356 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

The BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) command injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2023-4617 Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android an...

  • CVSS 10
  • Potential privilege escalation to admin/root

New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.

Critical exposure

CVE-2021-26102 Fortinet FortiWAN Path Traversal

  • CVSS 9.8

New critical Fortinet FortiWAN Path Traversal (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection


Exploit & PoC activity

Nothing flagged in this category for this digest.


Exploitation dynamics

Nothing flagged in this category for this digest.


New critical disclosures

CVE-2021-26102 CVSS 9.8

A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticat...

CVE-2022-32203 CVSS 9.8

There is a command injection vulnerability in Huawei terminal printer product.

CVE-2023-4617 CVSS 10

Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control...

CVE-2024-10244 CVSS 9.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ISDO Software Web Software allows S...

CVE-2024-12626 CVSS 9.6

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerabl...

CVE-2024-12727 CVSS 9.8

A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows ac...

CVE-2024-12728 CVSS 9.8

A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3 (20.0...

CVE-2024-54983 CVSS 9.8

An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a crafted NAS message.

CVE-2024-54984 CVSS 9.8

An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message.

CVE-2024-55081 CVSS 9.8

An XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbi...


cvelogic Threat Intelligence