Research Alerts
- CVE-2024-4040: Exploited in the wild as a zero-day in targeted attacks. Exploit probing observed by vendor. Customers advised to upgrade to a fixed version as soon as possible.
- CVE-2024-3400: Details on exploitation of this flaw are now available publicy and patches have begun being released by the vendor. Immediate patching is recommended.
- CVE-2024-20359: Two zero-days exploited in the wild in ArcaneDoor campaign to deploy backdoor malware. Monitoring for new developments including publication of PoCs.
- CVE-2024-20353: Two zero-days exploited in the wild in ArcaneDoor campaign to deploy backdoor malware. Monitoring for new developments including publication of PoCs.
- CVE-2024-31497: This critical vulnerability can be used to compromise a private key, although exploitation requires compromise of a server the key has been used to authenticate to.