NVD disclosure day

Published threat advisories for January 31, 2024

CVE advisoryKnown Exploit

CVE-2024-21893

Ivanti Connect Secure SAML Component Vulnerability Allows Unauthorized Access.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A server-side request forgery vulnerability in Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA allows unauthorized access to restricted resources. This impacts organizations by potentially compromising data confidentiality and integrity. The business risk involves unauthorized access to sensitiv

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2024-1086

Linux Kernel Privilege Escalation Vulnerability.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A local privilege escalation vulnerability exists in the Linux kernel's netfilter component. This flaw could allow an attacker with existing system access to gain elevated permissions, potentially impacting data and system control. Business risk is associated with unauthorized access.

NVD published: • CISA KEV