
KEV Release: 2022-03-31

Open hrbrmstr opened this issue 3 years ago • 0 comments

7 CVEs in this release.

  • [ ] CVE-2022-26871: We will likely see exploitation (Trend Micro:Apex Central) Trend Micro Apex Central Arbitrary File Upload Vulnerability :: An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.

    Additional Information

    • CVSS 9.8
    • Severity: CRITICAL
    • Attack Vector: NETWORK
    • Attack Complexity: LOW
    • Privileges Required: NONE
    • User Interaction: NONE
    • Impact: 5.9
    • CWE: CWE-434
    • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    • EPSS: 0.056340000 / 0.894750000
    • In The Wild: https://inthewild.io/vuln/CVE-2022-26871
  • [ ] CVE-2022-1040: We will likely see exploitation (Sophos:Firewall) Sophos Firewall Authentication Bypass Vulnerability :: An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.

    Additional Information

    • CVSS 9.8
    • Severity: CRITICAL
    • Attack Vector: NETWORK
    • Attack Complexity: LOW
    • Privileges Required: NONE
    • User Interaction: NONE
    • Impact: 5.9
    • CWE: CWE-287
    • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    • EPSS: 0.326240000 / 0.975110000
    • In The Wild: https://inthewild.io/vuln/CVE-2022-1040
  • [ ] CVE-2021-34484: (Microsoft:Windows) Microsoft Windows User Profile Service Privilege Escalation Vulnerability :: Microsoft Windows User Profile Service contains an unspecified vulnerability which allows for privilege escalation.

    Additional Information

    • CVSS 7.8
    • Severity: HIGH
    • Attack Vector: LOCAL
    • Attack Complexity: LOW
    • Privileges Required: LOW
    • User Interaction: NONE
    • Impact: 5.9
    • CWE: CWE-269
    • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    • EPSS: 0.011500000 / 0.581500000
    • In The Wild: https://inthewild.io/vuln/CVE-2021-34484
  • [ ] CVE-2021-28799: We will likely see exploitation (QNAP:Network Attached Storage (NAS)) QNAP NAS Improper Authorization Vulnerability :: QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.

    Additional Information

    • CVSS 9.8
    • Severity: CRITICAL
    • Attack Vector: NETWORK
    • Attack Complexity: LOW
    • Privileges Required: NONE
    • User Interaction: NONE
    • Impact: 5.9
    • CWE: CWE-863
    • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    • EPSS: 0.010550000 / 0.493190000
    • In The Wild: https://inthewild.io/vuln/CVE-2021-28799
  • [ ] CVE-2021-21551: (Dell:dbutil Driver) Dell dbutil Driver Insufficient Access Control Vulnerability :: Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service, or information disclosure.

    Additional Information

    • CVSS 7.8
    • Severity: HIGH
    • Attack Vector: LOCAL
    • Attack Complexity: LOW
    • Privileges Required: LOW
    • User Interaction: NONE
    • Impact: 5.9
    • CWE: CWE-863
    • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    • EPSS: 0.031710000 / 0.827040000
    • In The Wild: https://inthewild.io/vuln/CVE-2021-21551
  • [ ] CVE-2018-10562: We will likely see exploitation (Dasan:Gigabit Passive Optical Network (GPON) Routers) Dasan GPON Routers Command Injection Vulnerability :: Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution.

    Additional Information

    • CVSS 9.8
    • Severity: CRITICAL
    • Attack Vector: NETWORK
    • Attack Complexity: LOW
    • Privileges Required: NONE
    • User Interaction: NONE
    • Impact: 5.9
    • CWE: CWE-78
    • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    • EPSS: 0.221700000 / 0.963940000
    • In The Wild: https://inthewild.io/vuln/CVE-2018-10562
  • [ ] CVE-2018-10561: We will likely see exploitation (Dasan:Gigabit Passive Optical Network (GPON) Routers) Dasan GPON Routers Authentication Bypass Vulnerability :: Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution.

    Additional Information

    • CVSS 9.8
    • Severity: CRITICAL
    • Attack Vector: NETWORK
    • Attack Complexity: LOW
    • Privileges Required: NONE
    • User Interaction: NONE
    • Impact: 5.9
    • CWE: CWE-287
    • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    • EPSS: 0.124920000 / 0.950840000
    • In The Wild: https://inthewild.io/vuln/CVE-2018-10561

hrbrmstr, Jun 17 '22 13:06