IPSec-IKE
1011669 - Microsoft Windows Internet Key Exchange (IKE) Protocol Extensions Denial Of Service Vulnerability (CVE-2023-21547)

SNMP Server
1011663 - Net-SNMP NULL Pointer Dereference Vulnerability (CVE-2022-44793)

Web Application Common
1011206* - BillQuick Web Suite SQL Injection Vulnerability (CVE-2021-42258)
1005934* - Identified Suspicious Command Injection Attack

Web Application PHP Based
1011352* - WordPress 'Titan Labs Security Audit' Plugin Stored Cross-Site Scripting Vulnerability (CVE-2021-24901)

Web Application Ruby Based
1011231* - Grafana Cross Site Scripting Vulnerability (CVE-2021-41174)

Web Client Common
1011656* - Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2023-21608)
1011666 - Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2023-21609)

Web Server HTTPS
1011659* - VMware vCenter Server Denial of Service Vulnerability (CVE-2022-31698)

Integrity Monitoring Rules:
1002775* - Microsoft Windows - Network configuration files modified
1002777* - Microsoft Windows - System configuration file modified

Log Inspection Rules:
1010002* - Microsoft PowerShell Command Execution (ATT&CK T1059.001)

Web Client Common
1011656 - Adobe Acrobat And Reader Remote Code Execution Vulnerability (CVE-2023-21608)

Web Server HTTPS
1011565* - Centreon 'Poller Broker' SQL Injection Vulnerabilities (CVE-2022-42424 and CVE-2022-42425)
1011659 - VMware vCenter Server Denial of Service Vulnerability (CVE-2022-31698)

Web Server Common
1011575* - Apache Commons Text Remote Code Execution Vulnerability (CVE-2022-42889)
1011466* - Apache HTTP Server 'mod_sed' Denial Of Service Vulnerability (CVE-2022-30522)

Web Server HTTPS
1011548* - Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2022-41082)

Windows SMB Server
1011593 - Identified Executable File Upload On Network Share (ATT&CK T1570)

Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.