#cve_2019_7256 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cve_2019_7256, aggregated by home.social.
-
CISA adds 3 vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalog: https://www.cisa.gov/news-events/alerts/2024/03/25/cisa-adds-three-known-exploited-vulnerabilities-catalog
- CVE-2023-48788 (9.8 critical) Fortinet FortiClient EMS SQL Injection Vulnerability
- CVE-2021-44529 (9.8 critical) Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
- CVE-2019-7256 (10.0 critical) Nice Linear eMerge E3-Series OS Command Injection Vulnerability
Notes:
- Fortinet quietly updated their security advisory around 21 March 2024 stating that "This vulnerability is exploited in the wild". Horizon3 also released a Proof of Concept that day.
- On 16 February 2024, @iagox86 of @greynoise provided a technical analysis of CVE-2021-44529, which suggested that it was an intentional backdoor in a dead project
- SonicWall previously reported the active exploitation of CVE-2019-7256 on 01 February 2020.
#CISA #KnownExploitedVulnerabilitiesCatalog #KEV #eitw #activeexploitation #CVE_2023_48788 #CVE_2021_44529 #CVE_2019_7256