NVD disclosure day

Published threat advisories for October 12, 2023

CVE advisoryCRITICAL

CVE-2023-5046

Biltay Procost could allow an external attacker to access data and take control of the system.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An external attacker can send malicious data through Biltay Procost input fields to run unauthorized database instructions. This could allow them to gain full administrative control over the hosting server and compromise sensitive application data.

NVD published:

CVE advisoryCRITICAL

CVE-2023-5045

Kayisi software lets attackers take control of systems and steal sensitive files

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

An external attacker can exploit a flaw in Biltay Technology Kayisi to run unauthorized commands. This could allow them to gain complete administrative control of the hosting server, steal sensitive files, and potentially compromise other systems on our network.

NVD published: