Safeguard
Topic

Vulnerability Analysis

In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.

568 articles

Vulnerability Analysis

Check Point VPN Zero-Day CVE-2024-24919: Information Disclosure Under Active Exploitation

A critical information disclosure vulnerability in Check Point VPN products allowed attackers to read sensitive files including password hashes, enabling lateral movement into enterprise networks.

May 28, 20245 min read
Vulnerability Analysis

GitHub Enterprise Server CVE-2024-4985: SAML Authentication Bypass

A critical authentication bypass in GitHub Enterprise Server allowed attackers to forge SAML responses and gain administrator access to self-hosted GitHub instances without any credentials.

May 20, 20245 min read
Vulnerability Analysis

Palo Alto PAN-OS Zero-Day CVE-2024-3400: Command Injection in GlobalProtect

A critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProtect feature was exploited as a zero-day, giving attackers root access to firewalls protecting enterprise networks.

Apr 12, 20245 min read
Vulnerability Analysis

Kubernetes CVE-2024-3177: Bypassing Mountable Secrets Policy

A medium-severity Kubernetes vulnerability allowed pods to access secrets they should not have been able to mount, undermining RBAC-based secret isolation in multi-tenant clusters.

Mar 10, 20245 min read
Vulnerability Analysis

Ivanti Connect Secure Zero-Day: CVE-2024-21887 and CVE-2023-46805 Exploited in the Wild

Two chained zero-days in Ivanti Connect Secure VPN appliances gave attackers unauthenticated remote code execution. Here's what happened and why perimeter devices remain a favorite target.

Jan 10, 20245 min read
Vulnerability Analysis

Apache OFBiz CVE-2023-51467: Authentication Bypass in Enterprise Resource Planning

CVE-2023-51467 bypassed a previous patch for an authentication flaw in Apache OFBiz, granting unauthenticated access to ERP functionality. A patch bypass that exposed critical business data.

Dec 26, 20236 min read
Vulnerability Analysis

Apache Struts CVE-2023-50164: Critical File Upload RCE Echoes Equifax-Era Nightmares

A critical path traversal vulnerability in Apache Struts allowed RCE through file upload manipulation. The disclosure triggered flashbacks to the 2017 Equifax breach caused by a similar Struts flaw.

Dec 7, 20236 min read
Vulnerability Analysis

Apache ActiveMQ CVE-2023-46604: Ransomware Groups Exploit Critical RCE

A critical remote code execution flaw in Apache ActiveMQ was rapidly weaponized by ransomware operators, with exploitation beginning before many organizations could patch.

Nov 8, 20234 min read
Vulnerability Analysis

F5 BIG-IP CVE-2023-46747: Authentication Bypass Puts Network Infrastructure at Risk

A critical authentication bypass in F5 BIG-IP allowed unauthenticated attackers to gain administrative access. The vulnerability affected the management interface of devices protecting enterprise networks.

Oct 27, 20235 min read
Vulnerability Analysis

Cisco IOS XE CVE-2023-20198: Tens of Thousands of Devices Implanted

A critical zero-day in Cisco IOS XE's web UI allowed unauthenticated attackers to create admin accounts and deploy implants on over 40,000 devices worldwide.

Oct 16, 20235 min read
Vulnerability Analysis

curl CVE-2023-38545: The Worst curl Vulnerability in Years

A heap buffer overflow in curl's SOCKS5 proxy handshake earned a severity rating of HIGH from curl's creator Daniel Stenberg, who called it the worst curl flaw in a long time.

Oct 11, 20235 min read
Vulnerability Analysis

JetBrains TeamCity CVE-2023-42793: When Your Build Server Becomes the Attack Vector

A critical authentication bypass in TeamCity allowed unauthenticated attackers to gain admin access to CI/CD servers. State-sponsored groups exploited it to compromise software supply chains.

Oct 3, 20236 min read
Vulnerability Analysis (Page 44) — Supply Chain Security Blog | Safeguard