Vulnerability SPOT Report

PetitPotam NTLM Relay Attack

Summary A French security researcher, Gilles Lionel, discovered a new NTLM relay attack he has dubbed PetitPotam. Giles published...

CVE-2021-33909 & CVE-2021-33910 - Long Path Name in Mountpoint Flaws in the Kernel and Systemd

Summary On July 20th, two CVEs – CVE-2021-33909 and CVE-2021-33910 related to Long Path Name in Mountpoint Flaws in...

CVE-2021-1675 - PrintNightmare Vulnerability

Updated July 9, 2021 This is a follow-up to the recent deepwatch announcement “CVE-2021-1675 – PrintNightmare Vulnerability”...

CVE-2021-3044 Vulnerability: Cortex XSOAR

[Editor’s Note] deepwatch has successfully upgraded the Palo Alto Cortex XSOAR platform to a version that is not vulnerable. ...

CVE-2021-21985 - Vulnerability Found in VMware vCenter Servers and Cloud Foundation

Overview On May 25, 2021, VMware released advisory VMSA-2021-0010 for two vulnerabilities impacting vCenter Server, which...

CVE-2021-22893 - Pulse Secure VPN Zero-Day & Active Exploits

Executive Summary deepwatch is currently tracking and responding to multiple advisories stating that Pulse Secure VPN appliances...

CVE-2021-21972 - Vulnerability Found in VMware vCenter Servers and Cloud Foundation

Overview On February 23, 2021, VMware released advisory VMSA-2021-0002 for vulnerabilities in multiple products including...

Sudo Vulnerability

Security researchers at Qualys disclosed a bug in sudo, a standard Linux and Unix utility for handling administrative rights....

Oracle WebLogic Vulnerability

Oracle has released an out of band patch for vulnerability CVE-2020-14750. It has been given a 9.8 out of 10 base score on...

ZeroLogon Threat Review

Every couple of years, or months, a vulnerability comes to light that is just so egregious that everyone in IT has to sit...