Weekly Vulnerabilities Reports > March 11 to 17, 2024

Overview

100 new vulnerabilities were reported during this period, including 11 critical and 53 high severity vulnerabilities. This weekly summary reports vulnerabilities in 42 products from 6 vendors, including IBM, Fortinet, Microsoft, Siemens, and Tenda. The most common weakness categories are "Improper Input Validation", "Cross-site Scripting", "Out-of-bounds Write", "Improper Access Control", and "Classic Buffer Overflow".

  • 59 reported vulnerabilities are remotely exploitable.
  • 14 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 52 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 10 reported vulnerabilities.
  • Fortinet has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

Summary dashboard: total vulnerabilities (100), critical risk (11), high risk (53), medium risk (34), low risk (2), remotely exploitable (59), exploitable anonymously (52). The counts for locally exploitable, exploit available and affecting web application are not given in the text.

Vulnerability Details

The following tables list the reported vulnerabilities for the period covered by this report:


11 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-03-13 CVE-2024-2413 Intumit SmartRobot uses a fixed encryption key for authentication.
9.8
2024-03-12 CVE-2024-21334 Open Management Infrastructure (OMI) Remote Code Execution Vulnerability
9.8
2024-03-12 CVE-2023-36554 Fortinet Improper Access Control vulnerability in Fortinet Fortimanager

An improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows an attacker to execute unauthorized code or commands via specially crafted HTTP requests.

9.8
2024-03-12 CVE-2023-42789 Fortinet Out-of-bounds Write vulnerability in Fortinet Fortios and Fortiproxy

An out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows an attacker to execute unauthorized code or commands via specially crafted HTTP requests.

9.8
2024-03-12 CVE-2023-48788 Fortinet SQL Injection vulnerability in Fortinet Forticlient Enterprise Management Server

An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows an attacker to execute unauthorized code or commands via specially crafted packets.

9.8
2024-03-12 CVE-2024-28535 Tenda Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.05

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of the fromAddressNat function.

9.8
2024-03-12 CVE-2024-28553 Tenda Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.05

Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter of the fromAddressNat function.

9.8
2024-03-12 CVE-2022-32257 Siemens Improper Access Control vulnerability in Siemens Sinema Remote Connect Server

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2).

9.8
2024-03-12 CVE-2024-22039 Siemens Classic Buffer Overflow vulnerability in Siemens products

A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions < IP8), Cerberus PRO EN Fire Panel FC72x (All versions < IP8), Cerberus PRO EN X200 Cloud Distribution (All versions < V4.0.5016), Cerberus PRO EN X300 Cloud Distribution (All versions < V4.2.5015), Sinteso FS20 EN Engineering Tool (All versions < MP8), Sinteso FS20 EN Fire Panel FC20 (All versions < MP8), Sinteso FS20 EN X200 Cloud Distribution (All versions < V4.0.5016), Sinteso FS20 EN X300 Cloud Distribution (All versions < V4.2.5015), Sinteso Mobile (All versions < V3.0.0).

9.8
2024-03-12 CVE-2024-25995 An unauthenticated remote attacker can modify configurations to perform a remote code execution due to a missing authentication for a critical function.
9.8
2024-03-12 CVE-2024-21400 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
9.0

53 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-03-13 CVE-2015-10123 An unauthenticated remote attacker could send specifically crafted packets to an affected device.
8.8
2024-03-12 CVE-2024-21411 Skype for Consumer Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-21435 Windows OLE Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-21441 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-21444 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-21451 Microsoft ODBC Driver Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-26159 Microsoft ODBC Driver Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-26161 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-26162 Microsoft ODBC Driver Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-26164 Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-26165 Visual Studio Code Elevation of Privilege Vulnerability
8.8
2024-03-12 CVE-2024-26166 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-26198 Microsoft Exchange Server Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2023-46717 Fortinet Improper Authentication vulnerability in Fortinet Fortios

An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts.

8.8
2024-03-12 CVE-2023-47534 Fortinet Improper Neutralization of Formula Elements in a CSV File vulnerability in Fortinet Forticlient Endpoint Management Server

An improper neutralization of formula elements in a CSV file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows an attacker to execute unauthorized code or commands via specially crafted packets.

8.8
2024-03-12 CVE-2024-26288 An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM.
8.7
2024-03-14 CVE-2024-27266 IBM XXE vulnerability in IBM Maximo Application Suite 7.6.1.3

IBM Maximo Application Suite 7.6.1.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

8.2
2024-03-12 CVE-2024-21407 Microsoft Unspecified vulnerability in Microsoft products

Windows Hyper-V Remote Code Execution Vulnerability

8.1
2024-03-12 CVE-2023-42790 Fortinet Stack-based Buffer Overflow vulnerability in Fortinet Fortios and Fortiproxy

A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows an attacker to execute unauthorized code or commands via specially crafted HTTP requests.

8.1
2024-03-14 CVE-2024-22346 IBM Unspecified vulnerability in IBM I

Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call.

7.8
2024-03-12 CVE-2024-21330 Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-21418 Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-21426 Microsoft SharePoint Server Remote Code Execution Vulnerability
7.8
2024-03-12 CVE-2024-21431 Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
7.8
2024-03-12 CVE-2024-21434 Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-21436 Windows Installer Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-21437 Windows Graphics Component Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-21442 Windows USB Print Driver Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-21446 NTFS Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-26169 Windows Error Reporting Service Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-26170 Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-26173 Windows Kernel Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-26178 Windows Kernel Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-26182 Windows Kernel Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-26199 Microsoft Office Elevation of Privilege Vulnerability
7.8
2024-03-12 CVE-2024-26002 An improper input validation in the Qualcom plctool allows a local attacker with low privileges to gain root access by changing the ownership of specific files.
7.8
2024-03-12 CVE-2024-21419 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
7.6
2024-03-12 CVE-2024-21392 .NET and Visual Studio Denial of Service Vulnerability
7.5
2024-03-12 CVE-2024-21421 Azure SDK Spoofing Vulnerability
7.5
2024-03-12 CVE-2024-21427 Windows Kerberos Security Feature Bypass Vulnerability
7.5
2024-03-12 CVE-2024-21438 Microsoft AllJoyn API Denial of Service Vulnerability
7.5
2024-03-12 CVE-2024-26190 Microsoft QUIC Denial of Service Vulnerability
7.5
2024-03-12 CVE-2024-26204 Outlook for Android Information Disclosure Vulnerability
7.5
2024-03-12 CVE-2024-26004 An unauthenticated remote attacker can DoS a control agent due to access of an uninitialized pointer which may prevent or disrupt the charging functionality.
7.5
2024-03-12 CVE-2024-26001 An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack.
7.4
2024-03-12 CVE-2024-21443 Windows Kernel Elevation of Privilege Vulnerability
7.3
2024-03-12 CVE-2024-26203 Azure Data Studio Elevation of Privilege Vulnerability
7.3
2024-03-12 CVE-2024-25998 An unauthenticated remote attacker can perform a command injection in the OCPP Service with limited privileges due to improper input validation.
7.3
2024-03-12 CVE-2024-21390 Microsoft Unspecified vulnerability in Microsoft Authenticator

Microsoft Authenticator Elevation of Privilege Vulnerability

7.1
2024-03-12 CVE-2024-21432 Windows Update Stack Elevation of Privilege Vulnerability
7.0
2024-03-12 CVE-2024-21433 Windows Print Spooler Elevation of Privilege Vulnerability
7.0
2024-03-12 CVE-2024-21439 Windows Telephony Server Elevation of Privilege Vulnerability
7.0
2024-03-12 CVE-2024-21445 Windows USB Print Driver Elevation of Privilege Vulnerability
7.0
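The FortiClientEMS entry above (CVE-2023-47534) is a CSV formula injection: a value an endpoint can set, for instance during enrolment, is written into a CSV export and later evaluated by the administrator's spreadsheet. The following is an added example in Python, not Fortinet's code and not derived from the advisory; the column names, the sample rows and the idea that the hostname is the attacker-controlled field are assumptions. It shows the unsafe export beside the neutralized one, using the OWASP recommendation of prefixing formula-starting cells with an apostrophe and quoting every field.

```python
import csv
import io

# A cell starting with one of these is interpreted as a formula by Excel,
# LibreOffice and Google Sheets (OWASP "CSV Injection"); tab and CR are
# included because some clients also honour them as formula starters.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula(cell):
    """True if a spreadsheet would try to evaluate this cell."""
    return isinstance(cell, str) and cell[:1] in FORMULA_TRIGGERS


def neutralize_cell(cell):
    """Force a spreadsheet to treat the cell as literal text.

    The leading apostrophe is the text-prefix convention spreadsheets
    understand; the csv module's quoting (below) takes care of embedded
    delimiters and double quotes so the field itself stays well formed.
    """
    if is_formula(cell):
        return "'" + cell
    return cell


def export_csv(rows, header, neutralize=True):
    """Serialise rows to CSV text; neutralize=False reproduces the unsafe export."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerow(header)
    for row in rows:
        writer.writerow([neutralize_cell(c) if neutralize else c for c in row])
    return buf.getvalue()


def read_csv(text):
    """Parse CSV text back into a list of rows (header row first)."""
    return list(csv.reader(io.StringIO(text)))


def unsafe_cells(text):
    """Cells in a CSV export (header excluded) that a spreadsheet would evaluate."""
    return [c for row in read_csv(text)[1:] for c in row if is_formula(c)]


# Constructed sample data (assumption: the hostname column is attacker-controlled).
# The second hostname is the well-known DDE payload shape; "-1+1" shows that
# even an innocent-looking value is a formula to a spreadsheet.
HEADER = ["hostname", "user", "os"]
SAMPLE_ROWS = [
    ["laptop-01", "alice", "Windows 11"],
    ["=cmd|' /C calc'!A0", "mallory", "Windows 10"],
    ["-1+1", "bob", "Ubuntu 22.04"],
]

if __name__ == "__main__":
    print("unsafe export evaluates:", unsafe_cells(export_csv(SAMPLE_ROWS, HEADER, neutralize=False)))
    print("neutralized export evaluates:", unsafe_cells(export_csv(SAMPLE_ROWS, HEADER)))
    print(export_csv(SAMPLE_ROWS, HEADER))
```

The apostrophe prefix is a presentation-layer fix and shows up as a visible character in some clients; it does not replace validating the field at the point where the endpoint submits it. Quoting every field also matters on its own, because a bare comma or newline in an attacker-controlled value otherwise lets the attacker create extra cells or rows.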
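The IBM Maximo entry above (CVE-2024-27266) is an XML External Entity injection, where a DTD in attacker-supplied XML makes the parser read local files or fetch URLs. The following is an added example in Python, not IBM's code and unrelated to how Maximo parses XML; the sample documents are constructed. It shows the usual hardening, refusing any DOCTYPE before a single entity is declared, next to the default expat behaviour that honours entity declarations.

```python
import xml.parsers.expat


class DoctypeRejected(ValueError):
    """Raised when untrusted XML carries a DTD, the carrier for XXE payloads."""


def parse_xml(data, reject_dtd=True):
    """Parse an XML document into (root tag, {tag: concatenated text}).

    With reject_dtd=True (the hardened mode) any DOCTYPE declaration aborts
    the parse before an entity can be declared: external entities, parameter
    entities and entity-expansion bombs all need one.  With reject_dtd=False
    the parser behaves like a default expat instance, which expands internal
    entity declarations.  External entity references are refused in both modes.
    """
    parser = xml.parsers.expat.ParserCreate()
    root = []          # single-element list so the closures can assign to it
    text = {}
    stack = []

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise DoctypeRejected(
            f"DOCTYPE {name!r} (SYSTEM={sysid!r}) not allowed in untrusted input")

    def on_external_entity(context, base, sysid, pubid):
        # Never dereference anything, even if a DTD somehow got through.
        raise DoctypeRejected(f"external entity {sysid!r} not allowed")

    def on_start(name, attrs):
        if not root:
            root.append(name)
        stack.append(name)

    def on_end(name):
        stack.pop()

    def on_text(chunk):
        # expat may deliver one text node in several chunks; concatenate them.
        if stack:
            text[stack[-1]] = text.get(stack[-1], "") + chunk

    if reject_dtd:
        parser.StartDoctypeDeclHandler = on_doctype
    parser.ExternalEntityRefHandler = on_external_entity
    parser.StartElementHandler = on_start
    parser.EndElementHandler = on_end
    parser.CharacterDataHandler = on_text
    parser.Parse(data, True)
    return (root[0] if root else None), text


def is_rejected(doc):
    """True if the hardened parser refuses the document."""
    try:
        parse_xml(doc)
    except DoctypeRejected:
        return True
    return False


# Constructed sample documents (not taken from any real product).
BENIGN = '<?xml version="1.0"?><asset><host>laptop-01</host><owner>alice</owner></asset>'
XXE = ('<?xml version="1.0"?>'
       '<!DOCTYPE asset [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>'
       '<asset><host>&xxe;</host></asset>')
INTERNAL = ('<?xml version="1.0"?>'
            '<!DOCTYPE asset [<!ENTITY e "expanded">]>'
            '<asset><host>&e;</host></asset>')

if __name__ == "__main__":
    print("benign:", parse_xml(BENIGN))
    print("xxe rejected:", is_rejected(XXE))
    print("internal entity, default expat:", parse_xml(INTERNAL, reject_dtd=False))
```

Rejecting the DOCTYPE outright is the simplest policy for data formats that never legitimately need one. Where a DTD must be accepted, the external entity handler above still refuses to resolve SYSTEM identifiers, but internal entity expansion (the "billion laughs" denial of service) then has to be bounded separately.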

34 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-03-12 CVE-2024-21429 Windows USB Hub Driver Remote Code Execution Vulnerability
6.8
2024-03-12 CVE-2023-41842 Fortinet Use of Externally-Controlled Format String vulnerability in Fortinet products

A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer-BigData before 7.2.5 and Fortinet FortiPortal version 6.0 all versions and version 5.3 all versions allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments.

6.7
2024-03-12 CVE-2024-26201 Microsoft Intune Linux Agent Elevation of Privilege Vulnerability
6.6
2024-03-14 CVE-2024-27265 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Integration BUS 10.1

IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.5
2024-03-12 CVE-2024-26185 Windows Compressed Folder Tampering Vulnerability
6.5
2024-03-12 CVE-2024-26197 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
6.5
2024-03-12 CVE-2024-22045 Siemens Unspecified vulnerability in Siemens Sinema Remote Connect Client

A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1).

6.5
2024-03-15 CVE-2023-47699 IBM Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting.

6.1
2024-03-15 CVE-2023-47162 IBM Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting.

6.1
2024-03-12 CVE-2024-26000 An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization. 
5.9
2024-03-15 CVE-2021-38938 IBM Insufficiently Protected Credentials vulnerability in IBM Host Access Transformation Services

IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain clear text which can be read by a local user.

5.5
2024-03-15 CVE-2024-2180 Zemana AntiLogger v2.74.204.664 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x80002020 IOCTL code of the zam64.sys and zamguard64.sys drivers
5.5
2024-03-15 CVE-2024-2204 Zemana AntiLogger v2.74.204.664 is vulnerable to a Denial of Service (DoS) vulnerability by triggering the 0x80002004 and 0x80002010 IOCTL codes of the zam64.sys and zamguard64.sys drivers.
5.5
2024-03-14 CVE-2024-1853 Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers.
5.5
2024-03-13 CVE-2024-24693 Zoom Unspecified vulnerability in Zoom Rooms

Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.

5.5
2024-03-12 CVE-2024-20671 Microsoft Defender Security Feature Bypass Vulnerability
5.5
2024-03-12 CVE-2024-21408 Microsoft Unspecified vulnerability in Microsoft products

Windows Hyper-V Denial of Service Vulnerability

5.5
2024-03-12 CVE-2024-26174 Windows Kernel Information Disclosure Vulnerability
5.5
2024-03-12 CVE-2024-26177 Windows Kernel Information Disclosure Vulnerability
5.5
2024-03-12 CVE-2024-26181 Windows Kernel Denial of Service Vulnerability
5.5
2024-03-15 CVE-2023-46182 IBM Cross-site Scripting vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting.

5.4
2024-03-13 CVE-2018-25090 An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation.
5.4
2024-03-15 CVE-2023-47147 IBM External Control of File Name or Path vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions.

5.3
2024-03-13 CVE-2024-2412 The disabling function of the user registration page for Heimavista Rpage and Epage is not properly implemented, allowing remote attackers to complete user registration on sites where user registration is supposed to be disabled.
5.3
2024-03-12 CVE-2024-25994 An unauthenticated remote attacker can upload an arbitrary script file due to improper input validation. The upload destination is fixed and is write only.
5.3
2024-03-12 CVE-2024-25996 An unauthenticated remote attacker can perform a remote code execution due to an origin validation error.
5.3
2024-03-12 CVE-2024-25997 An unauthenticated remote attacker can perform a log injection due to improper input validation.
5.3
2024-03-12 CVE-2024-21448 Microsoft Teams for Android Information Disclosure Vulnerability
5.0
2024-03-12 CVE-2024-26005 An unauthenticated remote attacker can gain service level privileges through an incomplete cleanup during service restart after a DoS. 
4.8
2024-03-14 CVE-2024-26163 Microsoft Unspecified vulnerability in Microsoft Edge Chromium

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

4.7
2024-03-13 CVE-2024-24692 Zoom Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Zoom Rooms

Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.

4.7
2024-03-15 CVE-2023-46179 IBM Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies.

4.3
2024-03-12 CVE-2024-21761 Fortinet Improper Authorization vulnerability in Fortinet Fortiportal

An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0.6 and below, may allow a user to download other organizations' reports via modification of the request payload.

4.3
2024-03-12 CVE-2024-23112 Fortinet Authorization Bypass Through User-Controlled Key vulnerability in Fortinet Fortios and Fortiproxy

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticated attacker to gain access to another user’s bookmark via URL manipulation.

4.3

2 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-03-14 CVE-2024-26246 Microsoft Unspecified vulnerability in Microsoft Edge 112.0.1722.34/118.0.2088.88

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

3.9
2024-03-15 CVE-2023-46181 IBM Information Exposure Through Browser Caching vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system.

3.3
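The listings above are flat text: a date, a CVE id and a title on one line, an optional description, then the CVSS score on its own line. The following added Python script (not part of the report or its publisher's tooling) parses that layout into records, rebuilds the severity and vendor counts the Overview states, and produces the patch-first queue. The embedded sample is a five-entry excerpt in the report's own format; the vendor set and the CVSS v3.x rating boundaries (9.0+ critical, 7.0+ high, 4.0+ medium, which match where the report files 9.0, 7.0 and 6.8) are assumptions.

```python
import re
from collections import Counter

ENTRY_RE = re.compile(r"^(?P<date>\d{4}-\d{2}-\d{2}) (?P<cve>CVE-\d{4}-\d{4,}) (?P<title>.+)$")
SCORE_RE = re.compile(r"^(10\.0|\d\.\d)$")
# Assumed: the vendor column is merged into the title as its first word when present.
VENDORS = {"IBM", "Fortinet", "Microsoft", "Siemens", "Tenda", "Zoom"}


def severity(score):
    """CVSS v3.x qualitative rating, the buckets the report's headings use."""
    if score >= 9.0:
        return "critical"
    if score >= 7.0:
        return "high"
    if score >= 4.0:
        return "medium"
    if score > 0.0:
        return "low"
    return "none"


def parse_report(text):
    """Turn the flat listing into records; headings and column headers are skipped."""
    records, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ENTRY_RE.match(line)
        if m:
            current = {**m.groupdict(), "description": []}
            first = current["title"].split()[0]
            current["vendor"] = first if first in VENDORS else "unspecified"
            continue
        if current is None:
            continue                      # "11 Critical Vulnerabilities", "DATE CVE ..."
        if SCORE_RE.match(line):          # the score line closes the entry
            current["cvss"] = float(line)
            current["severity"] = severity(current["cvss"])
            current["description"] = " ".join(current["description"])
            records.append(current)
            current = None
        else:
            current["description"].append(line)
    return records


def summarize(records):
    """The Overview's numbers, recomputed from the listing."""
    return {
        "total": len(records),
        "by_severity": dict(Counter(r["severity"] for r in records)),
        "by_vendor": dict(Counter(r["vendor"] for r in records)),
    }


def triage_queue(records, min_score=9.0):
    """CVE ids at or above min_score, highest first: the patch-now list."""
    ranked = sorted(records, key=lambda r: -r["cvss"])
    return [r["cve"] for r in ranked if r["cvss"] >= min_score]


# Constructed excerpt in the report's own layout (five entries from the page).
SAMPLE_REPORT = """\
11 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-03-12 CVE-2023-48788 Fortinet SQL Injection vulnerability in Fortinet Forticlient Enterprise Management Server

An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows an attacker to execute unauthorized code or commands via specially crafted packets.

9.8
2024-03-12 CVE-2024-21400 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
9.0
2024-03-12 CVE-2024-21411 Skype for Consumer Remote Code Execution Vulnerability
8.8
2024-03-12 CVE-2024-21429 Windows USB Hub Driver Remote Code Execution Vulnerability
6.8
2024-03-15 CVE-2023-46181 IBM Information Exposure Through Browser Caching vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0
3.3
"""

if __name__ == "__main__":
    recs = parse_report(SAMPLE_REPORT)
    print(summarize(recs))
    print("patch first:", triage_queue(recs))
```

Run against the full page text, `summarize` should reproduce the 11/53/34/2 split and IBM's 10 entries; a mismatch means an entry's score line was lost in extraction. Note that many Microsoft entries carry no vendor word in the title, so a vendor count keyed on the title understates Microsoft; the CVE id alone does not identify the vendor.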