NVD disclosure day

Published threat advisories for April 25, 2023

CVE advisoryKnown Exploit

CVE-2023-29552

Service Location Protocol Allows Denial-of-Service Attacks.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A vulnerability in the Service Location Protocol (SLP) allows unauthenticated remote attackers to register arbitrary services. This can lead to amplified denial-of-service attacks, disrupting business operations. Organizations face significant business risk if systems using SLP are exposed.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2023-28771

Zyxel Firewall Remote Command Execution Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Zyxel firewall and VPN devices are affected by a vulnerability that allows unauthenticated attackers to execute OS commands remotely. This impacts the confidentiality, integrity, and availability of systems and data, posing a significant business risk. Exploitation by botnets has been observed, increasing the potential

NVD published: • CISA KEV