Weekly Vulnerabilities Reports > March 11 to 17, 2024

Overview

101 new vulnerabilities reported during this period, including 12 critical vulnerabilities and 53 high severity vulnerabilities. This weekly summary report vulnerabilities in 44 products from 7 vendors including IBM, Fortinet, Microsoft, Siemens, and Tenda. Vulnerabilities are notably categorized as "Improper Input Validation", "Cross-site Scripting", "Out-of-bounds Write", "Improper Access Control", and "Classic Buffer Overflow".

60 reported vulnerabilities are remotely exploitables.
14 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
53 reported vulnerabilities are exploitable by an anonymous user.
IBM has the most reported vulnerabilities, with 10 reported vulnerabilities.
Fortinet has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES

CRITICAL RISK
VULNERABILITIES

HIGH RISK
VULNERABILITIES

MEDIUM RISK
VULNERABILITIES

LOW RISK
VULNERABILITIES

REMOTELY
EXPLOITABLE

LOCALLY
EXPLOITABLE

EXPLOIT
AVAILABLE

EXPLOITABLE
ANONYMOUSLY

AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

12 Critical Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-03-15	CVE-2023-7248	Opentext	Unspecified vulnerability in Opentext Vertica Certain functionality in OpenText Vertica Management console might be prone to bypass via crafted requests. The vulnerability would affect one of Vertica’s authentication functionalities by allowing specially crafted requests and sequences.	9.8
2024-03-13	CVE-2024-2413		Intumit SmartRobot uses a fixed encryption key for authentication.	9.8
2024-03-12	CVE-2024-21334		Open Management Infrastructure (OMI) Remote Code Execution Vulnerability	9.8
2024-03-12	CVE-2023-36554	Fortinet	Improper Access Control vulnerability in Fortinet Fortimanager A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.	9.8
2024-03-12	CVE-2023-42789	Fortinet	Out-of-bounds Write vulnerability in Fortinet Fortios and Fortiproxy A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.	9.8
2024-03-12	CVE-2023-48788	Fortinet	SQL Injection vulnerability in Fortinet Forticlient Enterprise Management Server A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.	9.8
2024-03-12	CVE-2024-28535	Tenda	Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.05 Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function.	9.8
2024-03-12	CVE-2024-28553	Tenda	Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.05 Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function.	9.8
2024-03-12	CVE-2022-32257	Siemens	Improper Access Control vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2).	9.8
2024-03-12	CVE-2024-22039	Siemens	Classic Buffer Overflow vulnerability in Siemens products A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x IP6 (All versions < IP6 SR3), Cerberus PRO EN Fire Panel FC72x IP7 (All versions < IP7 SR5), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions < V3.0.6602), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions < V3.2.6601), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.2.5015), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions < MP6 SR3), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions < MP7 SR5), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions < V3.0.6602), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions < V3.2.6601), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0).	9.8
2024-03-12	CVE-2024-25995		An unauthenticated remote attacker can modify configurations to perform a remote code execution due to a missing authentication for a critical function.	9.8
2024-03-12	CVE-2024-21400		Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability	9.0

Expand/Hide

53 High Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-03-13	CVE-2015-10123		An unautheticated remote attacker could send specifically crafted packets to a affected device.	8.8
2024-03-12	CVE-2024-21411		Skype for Consumer Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-21435		Windows OLE Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-21441		Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-21444		Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-21451		Microsoft ODBC Driver Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-26159		Microsoft ODBC Driver Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-26161		Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-26162		Microsoft ODBC Driver Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-26164		Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-26165		Visual Studio Code Elevation of Privilege Vulnerability	8.8
2024-03-12	CVE-2024-26166		Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2024-26198		Microsoft Exchange Server Remote Code Execution Vulnerability	8.8
2024-03-12	CVE-2023-46717	Fortinet	Improper Authentication vulnerability in Fortinet Fortios An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts.	8.8
2024-03-12	CVE-2023-47534	Fortinet	Improper Neutralization of Formula Elements in a CSV File vulnerability in Fortinet Forticlient Endpoint Management Server A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets.	8.8
2024-03-12	CVE-2024-26288		An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM.	8.7
2024-03-14	CVE-2024-27266	IBM	XXE vulnerability in IBM Maximo Application Suite 7.6.1.3 IBM Maximo Application Suite 7.6.1.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.	8.2
2024-03-12	CVE-2024-21407	Microsoft	Unspecified vulnerability in Microsoft products Windows Hyper-V Remote Code Execution Vulnerability	8.1
2024-03-12	CVE-2023-42790	Fortinet	Stack-based Buffer Overflow vulnerability in Fortinet Fortios and Fortiproxy A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.	8.1
2024-03-14	CVE-2024-22346	IBM	Unspecified vulnerability in IBM I Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call.	7.8
2024-03-12	CVE-2024-21330		Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-21418		Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-21426		Microsoft SharePoint Server Remote Code Execution Vulnerability	7.8
2024-03-12	CVE-2024-21431		Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability	7.8
2024-03-12	CVE-2024-21434		Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-21436		Windows Installer Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-21437		Windows Graphics Component Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-21442		Windows USB Print Driver Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-21446		NTFS Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-26169	Microsoft	Unspecified vulnerability in Microsoft products Windows Error Reporting Service Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-26170		Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-26173		Windows Kernel Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-26178		Windows Kernel Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-26182		Windows Kernel Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-26199		Microsoft Office Elevation of Privilege Vulnerability	7.8
2024-03-12	CVE-2024-26002		An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files.	7.8
2024-03-12	CVE-2024-21419		Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	7.6
2024-03-12	CVE-2024-21392		.NET and Visual Studio Denial of Service Vulnerability	7.5
2024-03-12	CVE-2024-21421		Azure SDK Spoofing Vulnerability	7.5
2024-03-12	CVE-2024-21427		Windows Kerberos Security Feature Bypass Vulnerability	7.5
2024-03-12	CVE-2024-21438		Microsoft AllJoyn API Denial of Service Vulnerability	7.5
2024-03-12	CVE-2024-26190		Microsoft QUIC Denial of Service Vulnerability	7.5
2024-03-12	CVE-2024-26204		Outlook for Android Information Disclosure Vulnerability	7.5
2024-03-12	CVE-2024-26004		An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality.	7.5
2024-03-12	CVE-2024-26001		An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack.	7.4
2024-03-12	CVE-2024-21443		Windows Kernel Elevation of Privilege Vulnerability	7.3
2024-03-12	CVE-2024-26203		Azure Data Studio Elevation of Privilege Vulnerability	7.3
2024-03-12	CVE-2024-25998		An unauthenticated remote attacker can perform a command injection in the OCPP Service with limited privileges due to improper input validation.	7.3
2024-03-12	CVE-2024-21390	Microsoft	Unspecified vulnerability in Microsoft Authenticator Microsoft Authenticator Elevation of Privilege Vulnerability	7.1
2024-03-12	CVE-2024-21432		Windows Update Stack Elevation of Privilege Vulnerability	7.0
2024-03-12	CVE-2024-21433		Windows Print Spooler Elevation of Privilege Vulnerability	7.0
2024-03-12	CVE-2024-21439		Windows Telephony Server Elevation of Privilege Vulnerability	7.0
2024-03-12	CVE-2024-21445		Windows USB Print Driver Elevation of Privilege Vulnerability	7.0

Expand/Hide

34 Medium Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-03-12	CVE-2024-21429		Windows USB Hub Driver Remote Code Execution Vulnerability	6.8
2024-03-12	CVE-2023-41842	Fortinet	Use of Externally-Controlled Format String vulnerability in Fortinet products A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer-BigData before 7.2.5 and Fortinet FortiPortal version 6.0 all versions and version 5.3 all versions allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments.	6.7
2024-03-12	CVE-2024-26201		Microsoft Intune Linux Agent Elevation of Privilege Vulnerability	6.6
2024-03-14	CVE-2024-27265	IBM	Cross-Site Request Forgery (CSRF) vulnerability in IBM Integration BUS 10.1 IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.	6.5
2024-03-12	CVE-2024-26185		Windows Compressed Folder Tampering Vulnerability	6.5
2024-03-12	CVE-2024-26197		Windows Standards-Based Storage Management Service Denial of Service Vulnerability	6.5
2024-03-12	CVE-2024-22045	Siemens	Unspecified vulnerability in Siemens Sinema Remote Connect Client A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1).	6.5
2024-03-15	CVE-2023-47699	IBM	Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting.	6.1
2024-03-15	CVE-2023-47162	IBM	Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting.	6.1
2024-03-12	CVE-2024-26000		An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.	5.9
2024-03-15	CVE-2021-38938	IBM	Insufficiently Protected Credentials vulnerability in IBM Host Access Transformation Services IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain clear text which can be read by a local user.	5.5
2024-03-15	CVE-2024-2180		Zemana AntiLogger v2.74.204.664 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x80002020 IOCTL code of the zam64.sys and zamguard64.sys drivers	5.5
2024-03-15	CVE-2024-2204		Zemana AntiLogger v2.74.204.664 is vulnerable to a Denial of Service (DoS) vulnerability by triggering the 0x80002004 and 0x80002010 IOCTL codes of the zam64.sys and zamguard64.sys drivers.	5.5
2024-03-14	CVE-2024-1853		Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers.	5.5
2024-03-13	CVE-2024-24693	Zoom	Unspecified vulnerability in Zoom Rooms Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.	5.5
2024-03-12	CVE-2024-20671		Microsoft Defender Security Feature Bypass Vulnerability	5.5
2024-03-12	CVE-2024-21408	Microsoft	Unspecified vulnerability in Microsoft products Windows Hyper-V Denial of Service Vulnerability	5.5
2024-03-12	CVE-2024-26174		Windows Kernel Information Disclosure Vulnerability	5.5
2024-03-12	CVE-2024-26177		Windows Kernel Information Disclosure Vulnerability	5.5
2024-03-12	CVE-2024-26181		Windows Kernel Denial of Service Vulnerability	5.5
2024-03-15	CVE-2023-46182	IBM	Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting.	5.4
2024-03-13	CVE-2018-25090		An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation.	5.4
2024-03-15	CVE-2023-47147	IBM	External Control of File Name or Path vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions.	5.3
2024-03-13	CVE-2024-2412		The disabling function of the user registration page for Heimavista Rpage and Epage is not properly implemented, allowing remote attackers to complete user registration on sites where user registration is supposed to be disabled.	5.3
2024-03-12	CVE-2024-25994		An unauthenticated remote attacker can upload a arbitrary script file due to improper input validation. The upload destination is fixed and is write only.	5.3
2024-03-12	CVE-2024-25996		An unauthenticated remote attacker can perform a remote code execution due to an origin validation error.	5.3
2024-03-12	CVE-2024-25997		An unauthenticated remote attacker can perform a log injection due to improper input validation.	5.3
2024-03-12	CVE-2024-21448		Microsoft Teams for Android Information Disclosure Vulnerability	5.0
2024-03-12	CVE-2024-26005		An unauthenticated remote attacker can gain service level privileges through an incomplete cleanup during service restart after a DoS.	4.8
2024-03-14	CVE-2024-26163	Microsoft	Unspecified vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability	4.7
2024-03-13	CVE-2024-24692	Zoom	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Zoom Rooms Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.	4.7
2024-03-15	CVE-2023-46179	IBM	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies.	4.3
2024-03-12	CVE-2024-21761	Fortinet	Improper Authorization vulnerability in Fortinet Fortiportal An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0.6 and below reports may allow a user to download other organizations reports via modification in the request payload.	4.3
2024-03-12	CVE-2024-23112	Fortinet	Authorization Bypass Through User-Controlled Key vulnerability in Fortinet Fortios and Fortiproxy An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.	4.3

Expand/Hide

2 Low Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-03-14	CVE-2024-26246	Microsoft	Unspecified vulnerability in Microsoft Edge 112.0.1722.34/118.0.2088.88 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability	3.9
2024-03-15	CVE-2023-46181	IBM	Information Exposure Through Browser Caching vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system.	3.3