NVD disclosure day

Published threat advisories for January 12, 2021

CVE advisoryKnown Exploit

CVE-2021-1647

Microsoft Defender Allows Code Execution Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

Microsoft Defender has a vulnerability that could allow an attacker to execute code. This could affect systems, leading to unauthorized access to data and systems, impacting business operations. The realistic business risk involves potential compromise of sensitive information and disruption.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2021-3129

Ignition Remote Code Execution Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Ignition, a component used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code. This affects systems running the affected component, posing a risk of unauthorized system control and data compromise. Prompt remediation is advised to mitigate business risk.

NVD published: • CISA KEV