NVD disclosure day

Published threat advisories for May 14, 2019

CVE-2018-14839

LG N1A1 NAS: Unauthenticated Remote Code Execution

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

LG N1A1 NAS devices can allow remote command execution. An attacker can exploit this by sending crafted HTTP POST requests, potentially leading to unauthorized system control. Business risk includes unauthorized access and data manipulation.

NVD published: May 14, 2019 • CISA KEV

CVE advisoryKnown Exploit

CVE-2019-3568

WhatsApp VOIP Stack Remote Code Execution Vulnerability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in WhatsApp's VOIP stack permits remote code execution via specially crafted network packets. This could lead to unauthorized access and impact device data. Organizations should update WhatsApp applications to mitigate this risk.

NVD published: May 14, 2019 • CISA KEV