Latest Authentication Bypass news

Exploit available for new critical TeamCity auth bypass bug, patch now

A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control of the server with administrative permissions.
- Ionut Ilascu
- March 04, 2024
- 05:42 PM
- 0
ScreenConnect critical bug now under attack as exploit code emerges

Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software.
- Bill Toulas
- February 21, 2024
- 12:18 PM
- 1
Ivanti: Patch new Connect Secure auth bypass bug immediately

Today, Ivanti warned of a new authentication bypass vulnerability impacting Connect Secure, Policy Secure, and ZTA gateways, urging admins to secure their appliances immediately.
- Sergiu Gatlan
- February 08, 2024
- 02:45 PM
- 0
JetBrains warns of new TeamCity auth bypass vulnerability

JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges.
- Sergiu Gatlan
- February 06, 2024
- 12:30 PM
- 0
Newest Ivanti SSRF zero-day now under mass exploitation

An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers.
- Bill Toulas
- February 05, 2024
- 10:55 AM
- 1
Exploit released for Fortra GoAnywhere MFT auth bypass bug

Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal.
- Sergiu Gatlan
- January 23, 2024
- 06:16 PM
- 0
Fortra warns of new critical GoAnywhere MFT auth bypass, patch now

Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user.
- Bill Toulas
- January 23, 2024
- 10:41 AM
- 0
Ivanti Connect Secure zero-days now under mass exploitation

Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control (NAC) appliances are now under mass exploitation.
- Sergiu Gatlan
- January 15, 2024
- 08:05 PM
- 0
CISA: Critical Microsoft SharePoint bug now actively exploited

CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution.
- Sergiu Gatlan
- January 12, 2024
- 02:24 PM
- 0
Cisco says critical Unity Connection bug lets attackers get root

Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices.
- Sergiu Gatlan
- January 10, 2024
- 03:42 PM
- 0
Ivanti warns of Connect Secure zero-days exploited in attacks

Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited by suspected Chinese hackers in the wild that can let remote attackers execute arbitrary commands on targeted gateways.
- Sergiu Gatlan
- January 10, 2024
- 01:53 PM
- 0
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers

A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept (PoC) exploits.
- Bill Toulas
- December 28, 2023
- 11:20 AM
- 0
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks

VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over two weeks since it was disclosed on November 14th.
- Sergiu Gatlan
- December 01, 2023
- 12:58 PM
- 0
Zyxel warns of multiple critical vulnerabilities in NAS devices

Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage (NAS) devices.
- Bill Toulas
- November 30, 2023
- 10:11 AM
- 0
VMware discloses critical VCD Appliance auth bypass with no patch

VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments.
- Sergiu Gatlan
- November 14, 2023
- 04:45 PM
- 0
Critical Atlassian Confluence bug exploited in Cerber ransomware attacks

Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware.
- Sergiu Gatlan
- November 06, 2023
- 12:39 PM
- 1
Atlassian warns of exploit for Confluence data wiping bug, get patching

Atlassian warned admins that a public exploit is now available for a critical Confluence security flaw that can be used in data destruction attacks targeting Internet-exposed and unpatched instances.
- Sergiu Gatlan
- November 02, 2023
- 05:46 PM
- 0
VMware warns admins of public exploit for vRealize RCE flaw

VMware warned customers on Monday that proof-of-concept (PoC) exploit code is now available for an authentication bypass flaw in vRealize Log Insight (now known as VMware Aria Operations for Logs).
- Sergiu Gatlan
- October 24, 2023
- 10:53 AM
- 0
Cisco warns of new IOS XE zero-day actively exploited in attacks

Cisco warned admins today of a new maximum severity authentication bypass zero-day in its IOS XE software that lets unauthenticated attackers gain full administrator privileges and take complete control of affected routers and switches remotely.
- Sergiu Gatlan
- October 16, 2023
- 11:43 AM
- 1
Exploit released for Microsoft SharePoint Server auth bypass flaw

Proof-of-concept exploit code has surfaced on GitHub for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation.
- Sergiu Gatlan
- September 29, 2023
- 02:06 PM
- 0