DESCRIPTION:Multiple vulnerabilities have been discovered in Microsoft ExchangeServer (on premises version) , the most severe of which could allow forarbitrary code execution. Microsoft Exchange Server is a mail serverused to run and manage an organization’s email services. Successfulexploitation of the most severe of these vulnerabilities could allow anattacker to execute arbitrary code in the context of the mail server.Depending on the privileges associated with the...
Read More
DESCRIPTION:A vulnerability has been discovered in Adobe ColdFusion, which couldallow for arbitrary code execution. Adobe ColdFusion is a webapplication development platform. Successful exploitation of thisvulnerability could result in an attacker executing arbitrary code inthe context of the affected application. Depending on the privilegesassociated with the application, an attacker could then installprograms; view, change, or delete data; or create new accounts with fulluser rights. Applications that...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Cisco RV series smallbusiness routers, the most severe of which could allow for arbitrarycode execution. The Cisco RV series routers are recommended forconnecting your small business’ internal network devices to each other.Successful exploitation of the most severe of these vulnerabilitiescould allow an unauthenticated, remote attacker to execute arbitrarycode on the affected systems. IMPACT:Multiple vulnerabilities have been discovered in Cisco...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Google Chrome, the mostsevere of which could allow for arbitrary code execution. Google Chromeis a web browser used to access the Internet. Successful exploitation ofthe most severe of these vulnerabilities could allow an attacker toexecute arbitrary code in the context of the browser. Depending on theprivileges associated with the application, an attacker could view,change, or delete data. If this...
Read More
Short Description: Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. The vulnerabilities recently being exploited were CVE-2021-26855, CVE-2021-26857,...
Read More
