CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
Posted: Wed Nov 27, 2024 4:09 am
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence.
The vulnerabilities newly added are below -
CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability
CVE-2023-28229 (CVSS score: 7.0) - Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability.
https://thehackernews.com/2023/10/cisa- ... on-of.html
The vulnerabilities newly added are below -
CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability
CVE-2023-28229 (CVSS score: 7.0) - Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability.
https://thehackernews.com/2023/10/cisa- ... on-of.html