NVD disclosure day

Published threat advisories for September 10, 2024

CVE advisory | Known Exploit

CVE-2024-8190

Ivanti Cloud Services Appliance OS Command Injection Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in the Ivanti Cloud Services Appliance allows authenticated administrators to execute commands, potentially leading to unauthorized system control and data compromise. This poses a business risk due to potential operational disruption and data exposure. Organizations using this appliance should assess t

• CISA KEV

CVE advisory | Known Exploit

CVE-2024-43461

Windows MSHTML Platform Spoofing Vulnerability.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A spoofing vulnerability in the Windows MSHTML Platform allows attackers to display fraudulent web pages, potentially deceiving users and leading to data compromise. This impacts organizations by undermining user trust and exposing them to further malicious activity. The risk is heightened as this vulnerability has bee

• CISA KEV

CVE advisory | Known Exploit

CVE-2024-38226

Microsoft Publisher Macro Policy Bypass Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Microsoft Publisher allows attackers to bypass macro policies, potentially leading to unauthorized code execution. This impacts systems by enabling attackers to circumvent security features, posing a business risk to data confidentiality, integrity, and availability. Exploitation requires local acces

• CISA KEV

CVE advisory | Known Exploit

CVE-2024-38217

Windows Mark of the Web Security Bypass Risk

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A security bypass vulnerability in Windows Mark of the Web can allow attackers to circumvent downloaded file protections, impacting data integrity and availability. This poses a moderate business risk by potentially enabling the execution of malicious files without expected security warnings. Organizations should prior

• CISA KEV