Summary At Kudelski security, with the end of year approaching we have observed multiple vulnerabilities being exploited recently. This ranges from long-standing vulnerabilities like the
New IT Support in Town
Why hack into a system when you can politely just ask for it?
Critical Zero-Day Vulnerability in Palo Alto Networks Next-Generation Firewalls (PAN-SA-2024-0015)
Summary Palo Alto Networks has identified a critical zero-day vulnerability (PAN-SA-2024-0015) in the PAN-OS software, impacting management interfaces of its Next-Generation Firewalls (NGFW). This vulnerability,
FortiManager Critical CVE-2024-47575 “FortiJump” Allows RCE
Summary On October 23, 2024, Fortinet published an advisory for CVE-2024-47575, a critical-severity zero day affecting FortiManager. Missing authentication for a critical function in the
Kubernetes Image Builder Vulnerabilities
Summary Recently released were two vulnerabilities, CVE-2024-9486 (CVSS 9.8) and CVE-2024-9594 (CVSS 6.3), that impact the Kubernetes Image Builder. The vulnerabilities can be utilized to
Splunk Enterprise Multiple Vulnerabilities for RCE
Summary Splunk has disclosed several high-severity vulnerabilities in Splunk Enterprise and Splunk Cloud Platform, which allowattackers to execute remote code on vulnerable systems. The vulnerabilities,
Kudelski Security Research 