• Microsoft RDP Remote Code Execution


    Overview: Microsoft released a set of fixes for Remote Desktop Services that include two critical Remote Code Execution (RCE) vulnerabilities. Remote Desktop Protocol (RDP) provides a user with a graphical interface to connect to a remote computer over a network connection. Successful exploitation of this vulnerability could allow an attacker to run malicious commands on […]

  • Critical Pre-Authentication Vulnerability


    Overview: CVE-2019-1579 is a pre-authentication remote code execution vulnerability in Palo Alto Networks (PAN) GlobalProtect VPN. An unauthenticated attacker could exploit the vulnerability by sending a specially crafted request to a vulnerable VPN server in order to remotely execute code on the system. Threat Intelligence: While there is a public proof-of-concept exploit available, the Masergy […]

  • Receiver Remote Code Execution Vulnerability


    Overview: A remote code execution vulnerability has been identified in the Citrix Workspace & Citrix Receiver client for Windows. Citrix Workspace allows centralized app and file management. By exploiting this vulnerability, the attacker could gain remote access to the target’s storage allowing data exfiltration and/or remote code execution. Threat Intelligence: At this time, the Masergy […]

  • Remote Code Execution Vulnerability


    Overview: CVE-2019-0708 is a remote code execution vulnerability that exists in Remote Desktop Services, previously known as Terminal Services. Remote Desktop Protocol (RDP) provides a user with a graphical interface to connect to a remote computer over a network connection. Successful exploitation of this vulnerability could allow an attacker to run malicious commands on a […]

  • Microsoft Exchange 2013 0day “PrivExchange”


    Overview: A vulnerability has been discovered in Microsoft Exchange 2013 which could allow for privilege escalation. Microsoft Exchange is a mail server developed for Microsoft Windows. Successful exploitation of this vulnerability could allow for privilege escalation to the Domain Admin account by compromising any user with a mailbox on the server. Access to the Domain […]

  • Cisco Adaptive Security DOS


    Overview: A recently discovered vulnerability in the Session Initiation Protocol (SIP) inspection engine associated with Cisco Adaptive Security Appliance (ASA) software and Cisco Firepower Threat Defense (FTD) software can allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU utilization, resulting in a denial of service (DoS) incident. Threat […]

  • BLEEDINGBIT


    Overview: Two vulnerabilities, dubbed “BLEEDINGBIT”, have been discovered in Bluetooth chips found in access points manufactured by Cisco, Meraki, and Aruba that provide WiFi service in enterprises. Successful exploitation of these vulnerabilities allows unauthenticated attackers to take control of the devices. Threat Intelligence: The Masergy Threat Intelligence Team is not aware of any exploitation […]

  • Apache Struts RCE


    Overview: A vulnerability has been discovered in Apache Struts, which could allow for remote code execution. Apache Struts is an open-source, MVC framework for creating Java web applications. Successfully exploiting this vulnerability could allow for remote code execution in the context of the affected application. Threat Intelligence: The Masergy Threat Intelligence Team is aware of […]

  • Drupal Core Remote Code Execution


    Overview: A vulnerability has been discovered within multiple subsystems of Drupal 7.x and 8.x. Drupal is a free and open source content management framework. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected application. Depending on the privileges associated with the application, an attacker could install programs; […]

  • Cisco Adaptive Security Appliance Remote Code Execution


    What some observers have labeled as the “perfect bug” is raising concern in the security community. A bug in Cisco VPN programming has created a significant vulnerability that impacts two product sets. It has received the highest severity rating with a 10 out of 10 score and can lead to a denial-of-service attack from unauthenticated and remote users. Software patches have been released and the threat experts at Masergy are closely monitoring the situation. The breakdown below summarizes what is known thus far, and we will continue to provide updates as more information and analysis become available.
