Safeguard
Topic

Vulnerability Analysis

In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.

568 articles

Vulnerability Analysis

Progress WS_FTP CVE-2023-40044: Another File Transfer Platform Falls to Pre-Auth RCE

A critical deserialization vulnerability in Progress WS_FTP Server allowed unauthenticated RCE. Coming after MOVEit, it proved that file transfer platforms remain a systemic weak point.

Sep 27, 20235 min read
Vulnerability Analysis

WinRAR Zero-Day CVE-2023-38831: Weaponized Archives in the Wild

A WinRAR vulnerability exploited since April 2023 allowed attackers to execute arbitrary code when users opened seemingly harmless files inside ZIP archives.

Aug 20, 20235 min read
Vulnerability Analysis

Ivanti EPMM Zero-Day CVE-2023-35078: Norwegian Government Breach

A critical authentication bypass in Ivanti's Endpoint Manager Mobile was exploited to breach Norwegian government agencies, earning a perfect CVSS 10.0 score.

Aug 8, 20234 min read
Vulnerability Analysis

Zenbleed: AMD CPU Vulnerability Leaks Data Across Processes (CVE-2023-20593)

A speculative execution bug in AMD Zen 2 processors allows attackers to steal sensitive data at 30KB per core per second, affecting cloud environments and shared infrastructure.

Jul 24, 20235 min read
Vulnerability Analysis

Citrix NetScaler Zero-Day CVE-2023-3519: Mass Exploitation in the Wild

CVE-2023-3519 allowed unauthenticated remote code execution on Citrix NetScaler ADC and Gateway devices, leading to widespread exploitation and CISA emergency directives.

Jul 18, 20235 min read
Vulnerability Analysis

Zimbra Collaboration CVE-2023-37580: XSS Zero-Day Exploited by Four Nation-State Groups

A reflected XSS vulnerability in Zimbra Collaboration was exploited by four distinct threat groups targeting government organizations worldwide. The campaign showed how even 'low severity' bugs enable espionage.

Jul 13, 20235 min read
Vulnerability Analysis

Microsoft Teams Vulnerability: External Tenant Attacks and the Collaboration Security Gap

Researchers demonstrated that Microsoft Teams' default configuration allowed external attackers to deliver malware directly to employees, bypassing email security controls entirely.

Jun 22, 20236 min read
Vulnerability Analysis

Progress MOVEit: Second Critical Vulnerability Discovered Amid Breach Fallout

While organizations were still reeling from the first MOVEit zero-day, a second critical vulnerability was found — raising questions about the product's security.

Jun 20, 20236 min read
Vulnerability Analysis

Barracuda ESG Zero-Day CVE-2023-2868: When Patching Isn't Enough

Barracuda told customers to physically replace compromised Email Security Gateway appliances. The vulnerability had been exploited since October 2022.

Jun 15, 20236 min read
Vulnerability Analysis

FortiGate CVE-2023-27997: Critical Heap Overflow in SSL VPN

A pre-authentication heap overflow in FortiOS SSL VPN allowed remote code execution on hundreds of thousands of internet-facing firewalls.

Jun 12, 20236 min read
Vulnerability Analysis

MOVEit Transfer CVE-2023-34362: The Zero-Day That Hit Thousands

The MOVEit Transfer SQL injection zero-day exploited by Cl0p ransomware gang became 2023's most impactful vulnerability. Here's the full technical analysis.

Jun 1, 20236 min read
Vulnerability Analysis

CISA KEV Catalog: One Year Analysis of Known Exploited Vulnerabilities

After one year, the CISA KEV catalog has reshaped how organizations prioritize patching. Here's what the data tells us about real-world exploitation.

Apr 25, 20236 min read
Vulnerability Analysis (Page 45) — Supply Chain Security Blog | Safeguard