NVD disclosure day

Published threat advisories for July 22, 2021

CVE advisoryKnown Exploit

CVE-2021-35464

ForgeRock Access Management Remote Code Execution.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A Java deserialization vulnerability affects ForgeRock Access Management and OpenAM. Exploitation allows unauthenticated remote attackers to execute code, potentially leading to unauthorized access and business disruption. This presents a significant risk due to the ease of exploitation and potential impact on affected

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2021-36934

Windows SAM Privilege Escalation Vulnerability.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Windows allows attackers with code execution to gain SYSTEM privileges, enabling them to install programs, alter data, or create new accounts. This presents a risk of unauthorized access and data compromise for affected organizations. Organizations should apply vendor updates and delete shadow copies

NVD published: • CISA KEV