The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs and those affecting open source projects with very small userbases aren’t listed.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2024-41276

• Severity: 9.8 CRITICAL
• Impacted Products: Kaiten version 57.131.12
• Description: The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanism can be easily bypassed, enabling attackers to perform a brute force attack to guess the correct PIN and gain unauthorized access to the application.
• Remediation: Follow developer guidance.
• More Info: NVD - CVE-2024-41276
• PoC: https://github.com/artemy-ccrsky/CVE-2024-41276/

CVE-2024-5910

• Severity: 10 CRITICAL
• Impacted Products: Palo Alto Networks Expedition
• Description: Admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.
• Remediation: Follow developer guidance.
• More Info: NVD - CVE-2024-5910
• PoC: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/

CVE-2024-45519

• Severity: 9.8 CRITICAL
• Impacted Products: Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1.
• Description: The software sometimes allows unauthenticated users to execute commands.
• Remediation: Follow developer guidance.
• More Info: NVD - CVE-2024-45519
• PoC: https://github.com/p33d/CVE-2024-45519/

CVE-2024-44193

• Severity: 9.8 CRITICAL
• Impacted Products: iTunes < 12.13.3 for Windows
• Description: The software sometimes allows unauthenticated users to execute commands.
• Remediation: Follow developer guidance.
• More Info: NVD - CVE-2024-44193
• PoC: https://github.com/mbog14/CVE-2024-44193/

CVE-2024-28995

• Severity: Awaiting analysis
• Impacted Products: SolarWinds Serv-U 15.4.2 HF1 and earlier.
• Description: SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
• Remediation: Follow developer guidance here.
• More Info: CVE-2024-28995
• PoC: https://github.com/krypton-kry/CVE-2024-28995/

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.