Last week, Cyble Research & Intelligence Labs (CRIL) analyzed 154 vulnerabilities in their weekly report, which included critical flaws in products from Microsoft, VMware, Veeam, and ASUS. The report highlighted that 126 of these vulnerabilities affected Siemens industrial control systems (ICS) products, posing a risk to critical manufacturing infrastructure. Despite the discovery of approximately 25,000 new vulnerabilities each year, only a small percentage are actively exploited by threat actors.
The report focused on nine major vulnerabilities, including ones affecting VMware, ASUS routers, Veeam Recovery Orchestrator, Microsoft Outlook, Windows Wi-Fi driver, and JetBrains GitHub plugin. These vulnerabilities range from authentication bypass to remote code execution, with some posing high severity risks due to their potential exploitation by threat actors.
In response to these vulnerabilities, patches are available for some of the affected products, but security teams are advised to prioritize addressing these critical issues to prevent potential attacks on their systems. Additionally, CISA has added five vulnerabilities identified in the Cyble report to their Known Exploited Vulnerabilities (KEV) catalog, further emphasizing the importance of addressing these issues promptly.
Cyble’s report provides customers with detailed information on these vulnerabilities, including exploits found on the dark web and recommendations for strengthening cybersecurity defenses. Their security analysts have also conducted scans of customer environments, revealing over 2 million exposures to 13 of the vulnerabilities identified in the report.
To stay informed and protected against cyber threats, organizations can subscribe to Cyble’s weekly Vulnerability Intelligence Report, powered by The Cyber Express, to receive the latest insights and recommendations based on advanced AI-powered threat intelligence. This partnership aims to help security teams focus on the most critical vulnerabilities and threats, ultimately enhancing their defense against potential cyberattacks.
Article Source
https://thecyberexpress.com/weekly-vulnerability-report-microsoft-VMware/