{"id":13456,"date":"2023-01-30T10:18:00","date_gmt":"2023-01-30T17:18:00","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=13456"},"modified":"2023-04-06T15:15:35","modified_gmt":"2023-04-06T22:15:35","slug":"securins-threat-intelligence-january-30-2022-february-3-2023-2","status":"publish","type":"post","link":"https:\/\/webdev.securin.xyz\/articles\/securins-threat-intelligence-january-30-2022-february-3-2023-2\/","title":{"rendered":"Securin&#8217;s Threat Intelligence &#8211; Jan 20, 2023 &#8211; Feb 3, 2023"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"13456\" class=\"elementor elementor-13456\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1c7926eb elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1c7926eb\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-33243357\" data-id=\"33243357\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-cc45ac1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cc45ac1\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-9a03310\" data-id=\"9a03310\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-91253d0 elementor-widget elementor-widget-text-editor\" data-id=\"91253d0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p style=\"text-align: left;\">This edition brings you early warnings, trending news about cyber threats, and the accurate threat context. Check out which threat group is on the rampage, what vulnerability it could soon weaponize, and more.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0c6088c elementor-widget elementor-widget-heading\" data-id=\"0c6088c\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Why play catch up when you can fix it now?<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-634700b elementor-widget elementor-widget-spacer\" data-id=\"634700b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5981555 elementor-widget elementor-widget-heading\" data-id=\"5981555\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Trending Threats<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c5fa93a elementor-widget elementor-widget-text-editor\" data-id=\"c5fa93a\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><a href=\"#cisa-adds-cve-2022-47966-and-cve-2017-11357-to-the-kev-catalog\">CISA Adds CVE-2022-47966 and CVE-2017-11357 to the KEV Catalog<\/a><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2952cac elementor-widget elementor-widget-heading\" data-id=\"2952cac\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Vulnerabilities to Watch Out For<\/h3>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-33b4b1b elementor-widget elementor-widget-text-editor\" data-id=\"33b4b1b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul><li><p><a href=\"#exploits-available-for-multiple-vmware-vrealize-flaws\">Exploits Available for Multiple VMWare vRealize Flaws<\/a><\/p><\/li><li><p><a href=\"#exploit-available-for-cve-2022-34689\">Exploit Available for CVE-2022-34689<\/a><\/p><\/li><li><p><a href=\"#cve-2022-38023-samba-logon-bug\">CVE-2022-38023: Samba Logon Bug<\/a><\/p><\/li><li><p><a href=\"#cve-2023-24055-unaddressed-keepass-vulnerability\">CVE-2023-24055: Unaddressed KeePass Vulnerability<\/a><\/p><\/li><li><a href=\"#cve-2022-27596-critical-qnap-vulnerability\">CVE-2022-27596: Critical QNAP Vulnerability<\/a><\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e6aeae0 elementor-widget elementor-widget-spacer\" data-id=\"e6aeae0\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-285ec51 elementor-widget elementor-widget-heading\" data-id=\"285ec51\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Trending Threats<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-de01d64 elementor-widget elementor-widget-spacer\" data-id=\"de01d64\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5fb6c03 elementor-widget elementor-widget-menu-anchor\" data-id=\"5fb6c03\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"cisa-adds-cve-2022-47966-and-cve-2017-11357-to-the-kev-catalog\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-51aa5a8 elementor-widget elementor-widget-heading\" data-id=\"51aa5a8\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">CISA Adds CVE-2022-47966 and CVE-2017-11357 to the KEV Catalog<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ac5ca53 elementor-widget elementor-widget-text-editor\" data-id=\"ac5ca53\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">CISA added CVE-2022-47966 to the KEV catalog on Jan 23rd, 2023. It is a <a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/csws-threat-intelligence-january-16-2022-january-20-2022.html#CVE-2022-47966:%20Critical%20ManageEngine%20Vulnerability\" target=\"_blank\" rel=\"noopener\">ManageEngine vulnerability<\/a>\u00a0that is caused by the dependency of Apache Santuario in several ManageEngine products. This is a highly-critical vulnerability as it can allow admin access to multiple ManageEngine products if SSO is enabled in the initial access product.\u00a0<\/p><p dir=\"ltr\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-11357\" target=\"_blank\" rel=\"noopener\">CVE-2017-11357<\/a>\u00a0is a vulnerability in Telerik&#8217;s User Interface (UI) for ASP.NET AJAX. If exploited, it can allow remote code execution in the host device. CISA has recommended that all federal agencies patch this vulnerability by Feb 16, 2023.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0371f6b elementor-widget elementor-widget-spacer\" data-id=\"0371f6b\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fb7c0c2 elementor-widget elementor-widget-heading\" data-id=\"fb7c0c2\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Vulnerabilities to Watch Out For<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-eee5d1e elementor-widget elementor-widget-spacer\" data-id=\"eee5d1e\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e2ab4bc elementor-widget elementor-widget-menu-anchor\" data-id=\"e2ab4bc\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"exploits-available-for-multiple-vmware-vrealize-flaws\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4a6dfce elementor-widget elementor-widget-heading\" data-id=\"4a6dfce\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Exploits Available for Multiple VMWare vRealize Flaws<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1e46ef9 elementor-widget elementor-widget-text-editor\" data-id=\"1e46ef9\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">CVE-2022-31704, CVE-2022-31706, CVE-2022-31710 and CVE-2022-31711 impact VMware vRealize Log Insight appliances. An exploit targeting a vulnerability chain for gaining remote code execution is expected to be released this week.<\/p><p dir=\"ltr\">CVE-2022-31706 is a directory traversal vulnerability that can be abused to inject files into the operating system of impacted appliances.<\/p><p dir=\"ltr\">CVE-2022-31704 is a broken access control flaw that can also be exploited by injecting maliciously crafted files in RCE attacks.<\/p><p dir=\"ltr\">CVE-2022-31710 triggers denial of service states.<\/p><p dir=\"ltr\">CVE-2022-31711 is an information disclosure bug that can be exploited to access sensitive session and application information.<\/p><p dir=\"ltr\">All four vulnerabilities are rated critical on the CVSS(v3) scale and needs immediate attention.<\/p><p dir=\"ltr\"><strong><em>VMware released a\u00a0<a href=\"https:\/\/www.vmware.com\/security\/advisories\/VMSA-2023-0001.html\" target=\"_blank\" rel=\"noopener\">security advisory<\/a>\u00a0addressing all 4 vulnerabilities and recommends its users to patch them immediately.<\/em><\/strong><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dac80e2 elementor-widget elementor-widget-spacer\" data-id=\"dac80e2\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dc3d7d9 elementor-widget elementor-widget-menu-anchor\" data-id=\"dc3d7d9\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"exploit-available-for-cve-2022-34689\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0345e89 elementor-widget elementor-widget-heading\" data-id=\"0345e89\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Exploit Available for CVE-2022-34689<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0737983 elementor-widget elementor-widget-text-editor\" data-id=\"0737983\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">CVE-2022-34689 is a critical Windows CryptoAPI spoofing bug that can be exploited to perform actions such as authentication or code signing as the targeted certificate. Attackers will also be able to perform man-in-the-middle attacks and decrypt confidential information on user connections to the affected software, such as web browsers that use Windows&#8217; CryptoAPI cryptography library. This vulnerability impacts old versions of Chrome (v48 and earlier) and Chromium-based applications.<\/p><p dir=\"ltr\">An\u00a0<a href=\"https:\/\/github.com\/akamai\/akamai-security-research\/tree\/main\/PoCs\/CVE-2022-34689\" target=\"_blank\" rel=\"noopener\">exploit\u00a0<\/a>for this vulnerability was released recently.\u00a0<\/p><p dir=\"ltr\"><em><strong>Users are\u00a0<a href=\"https:\/\/media.defense.gov\/2020\/Jan\/14\/2002234275\/-1\/-1\/0\/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF\" target=\"_blank\" rel=\"noopener\">recommended<\/a>\u00a0to update their Chromium applications to the latest version immediately.<\/strong><\/em><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a55fb45 elementor-widget elementor-widget-spacer\" data-id=\"a55fb45\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-464b472 elementor-widget elementor-widget-menu-anchor\" data-id=\"464b472\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"cve-2022-38023-samba-logon-bug\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-118e0a7 elementor-widget elementor-widget-heading\" data-id=\"118e0a7\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">CVE-2022-38023: Samba Logon Bug<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-36c1f26 elementor-widget elementor-widget-text-editor\" data-id=\"36c1f26\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">If exploited, CVE-2022-38023 can allow an attacker to change the content of some network data packets without getting detected, despite the use of cryptographic MACs (message authentication codes) intended to prevent spoofing and tampering. Attackers can also pull off an elevation-of-privilege (EoP) attack by manipulating data at logon time.\u00a0<\/p><p dir=\"ltr\"><em><strong>This vulnerability was\u00a0<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-38023\" target=\"_blank\" rel=\"noopener\">patched<\/a>\u00a0in November 2022 and users need to ensure that they are using the latest version.<\/strong><\/em><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-015441e elementor-widget elementor-widget-spacer\" data-id=\"015441e\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7656389 elementor-widget elementor-widget-menu-anchor\" data-id=\"7656389\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"cve-2023-24055-unaddressed-keepass-vulnerability\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-61ced82 elementor-widget elementor-widget-heading\" data-id=\"61ced82\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">CVE-2023-24055: Unaddressed KeePass Vulnerability<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3c4667f elementor-widget elementor-widget-text-editor\" data-id=\"3c4667f\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">CVE-2023-24055 enables threat actors with write access to a target&#8217;s system to alter the KeePass XML configuration file and inject a malicious trigger that would export the database, including all usernames and passwords in cleartext. The user will not be aware of this as the export process will be performed in the background. An exploit for this vulnerability is already publicly available.<\/p><p dir=\"ltr\">However, KeePass is unwilling to classify this vulnerability as a bug and address this issue. As a workaround, KeePass suggests that the regular system users do not have write access to any files\/folders in KeePass&#8217; app directory before using an enforced config file.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3a91914 elementor-widget elementor-widget-spacer\" data-id=\"3a91914\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8da4435 elementor-widget elementor-widget-menu-anchor\" data-id=\"8da4435\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"menu-anchor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-menu-anchor\" id=\"cve-2022-27596-critical-qnap-vulnerability\"><\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c45cee4 elementor-widget elementor-widget-heading\" data-id=\"c45cee4\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">CVE-2022-27596: Critical QNAP Vulnerability<\/h4>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-887a570 elementor-widget elementor-widget-text-editor\" data-id=\"887a570\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\">CVE-2022-27596 affects QNAP devices running QTS 5.0.1 and QuTS hero h5.0.1. If exploited, this SQL injection vulnerability allows remote attackers to inject malicious code by sending specially crafted requests on vulnerable devices. It is given a CVSS scale rating og 9.8, classifying it as critical.\u00a0<\/p><p><em><strong>QNAP has patched this vulnerability and released a\u00a0<a href=\"https:\/\/www.qnap.com\/en\/security-advisory\/qsa-23-01\" target=\"_blank\" rel=\"noopener\">security advisory<\/a>.<\/strong><\/em><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-d07bcdb elementor-widget elementor-widget-spacer\" data-id=\"d07bcdb\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<section class=\"elementor-section elementor-inner-section elementor-element elementor-element-50e4bcb elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"50e4bcb\" data-element_type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-2886a1f\" data-id=\"2886a1f\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3a460e5 elementor-widget elementor-widget-spacer\" data-id=\"3a460e5\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dc3ccab elementor-widget elementor-widget-text-editor\" data-id=\"dc3ccab\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\" style=\"text-align: center;\">Follow our weekly Threat Intelligence Series and podcast for proactive alerts on trending threats.<\/p><p dir=\"ltr\" style=\"text-align: center;\"><strong>Leverage our expertise and manage your threats continuously to stay safe from attackers.\u00a0<\/strong><a href=\"https:\/\/webdev.securin.xyz\/contact-us\/\" target=\"_blank\" rel=\"noopener\">Talk to Us!<\/a><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a80805d elementor-widget elementor-widget-spacer\" data-id=\"a80805d\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.<\/p>\n","protected":false},"author":1,"featured_media":13471,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[80,146],"tags":[89,536,182,535,534,218,532,139,103,533],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/13456"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/comments?post=13456"}],"version-history":[{"count":52,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/13456\/revisions"}],"predecessor-version":[{"id":17428,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/13456\/revisions\/17428"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/13471"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=13456"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/categories?post=13456"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/tags?post=13456"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}