There is currently an encryption campaign targeting ESXi servers up to version 7.x via the CVE-2022-31696 vulnerability, which allows access to data on host systems.
Tag: Red Team
Dec 12
Critical Fortigate VPN SSL Vulnerability – CVE-2022-42475
Updated on Tuesday 13, December – Affected versions. Critical VPN SSL Vulnerability (FortiOS): Fortinet has just announced a critical vulnerability in all versions. Vulnerabilities that can be easily exploited remotely to compromise firewall or where remote code execution is considered likely in common situations. Manipulate the dynamic resources of some processes, the goal is to …
Oct 27
Critical OpenSSL Vulnerability version 3.0
Updated (October 27th, 2022): List of vendors and software affected by the OpenSSL vulnerability here. Critical OpenSSL Vulnerability version 3.0 and above: OpenSSL has just announced a critical vulnerability in version 3.x. This access vulnerability requires access to private keys and/or risks remote machine access (RCE). Vulnerabilities that can be easily exploited remotely to compromise …