{"id":122782,"date":"2025-01-28T08:43:44","date_gmt":"2025-01-28T14:43:44","guid":{"rendered":"https:\/\/arcticwolf.com\/the-most-exploited-vulnerabilities-of-the-year\/"},"modified":"2025-02-10T14:20:45","modified_gmt":"2025-02-10T20:20:45","slug":"the-most-exploited-vulnerabilities-of-the-year","status":"publish","type":"page","link":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/","title":{"rendered":"The Most Exploited Vulnerabilities of the Year"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"122782\" class=\"elementor elementor-122782 elementor-122275\" data-elementor-post-type=\"page\">\n\t\t\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-top-section elementor-element elementor-element-1d9ee99b rbr23-loader elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"1d9ee99b\" data-element_type=\"section\" data-e-type=\"section\" id=\"loader-wrapper\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-10ddf2eb\" data-id=\"10ddf2eb\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-447e4e05 elementor-widget elementor-widget-html\" data-id=\"447e4e05\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<!-- PRELOADER ANIMATION\n\t\t============================================= -->\n  <div id=\"loading\">\n\t\n            <div class=\"loading-screen webinar-branded\">\n                <div class=\"loading-animation\">\n                  <div class=\"logo\">\n                  <img decoding=\"async\" src=\"\/wp-content\/uploads\/2025\/01\/AW-MR-Vuln-LP-Loader-Logo-01-240114.png\" alt=\"Arctic Wolf Top Vulnerabilties of 2024\" class=\"dont-be-lazy\"\/>\n\n                  <\/div>\n                  <div class=\"loading-bar\">\n\n                  <\/div>\n                <\/div>\n              <\/div>\n\t\n\t<\/div>\n\n\n\n\n<style>\n\n#loading .logo {\n    max-width: 600px;\n    width:90%;\n    margin:auto;\n}\n#loader-wrapper {\n  position: fixed;\n  top: 0;\n  left: 0;\n  width: 100%;\n  height: 100%;\n  z-index: 99999999999;\n}\n\n#loading {\n  background-color: transparent;\n  height: 100%;\n  width: 100%;\n  position: fixed;\n  z-index: 99999999;\n  margin-top: 0px;\n  top: 0px;\n}\n\n\n\n\n@keyframes cssload-loader {\n  0% {\n    transform: rotate(0deg);\n  }\n  \n  25% {\n    transform: rotate(180deg);\n  }\n  \n  50% {\n    transform: rotate(180deg);\n  }\n  \n  75% {\n    transform: rotate(360deg);\n  }\n  \n  100% {\n    transform: rotate(360deg);\n  }\n}\n\n@-o-keyframes cssload-loader {\n  0% {\n    transform: rotate(0deg);\n  }\n  \n  25% {\n    transform: rotate(180deg);\n  }\n  \n  50% {\n    transform: rotate(180deg);\n  }\n  \n  75% {\n    transform: rotate(360deg);\n  }\n  \n  100% {\n    transform: rotate(360deg);\n  }\n}\n\n@-ms-keyframes cssload-loader {\n  0% {\n    transform: rotate(0deg);\n  }\n  \n  25% {\n    transform: rotate(180deg);\n  }\n  \n  50% {\n    transform: rotate(180deg);\n  }\n  \n  75% {\n    transform: rotate(360deg);\n  }\n  \n  100% {\n    transform: rotate(360deg);\n  }\n}\n\n@-webkit-keyframes cssload-loader {\n  0% {\n    transform: rotate(0deg);\n  }\n  \n  25% {\n    transform: rotate(180deg);\n  }\n  \n  50% {\n    transform: rotate(180deg);\n  }\n  \n  75% {\n    transform: rotate(360deg);\n  }\n  \n  100% {\n    transform: rotate(360deg);\n  }\n}\n\n@-moz-keyframes cssload-loader {\n  0% {\n    transform: rotate(0deg);\n  }\n  \n  25% {\n    transform: rotate(180deg);\n  }\n  \n  50% {\n    transform: rotate(180deg);\n  }\n  \n  75% {\n    transform: rotate(360deg);\n  }\n  \n  100% {\n    transform: rotate(360deg);\n  }\n}\n\n@keyframes cssload-loader-inner {\n  0% {\n    height: 0%;\n  }\n  \n  25% {\n    height: 0%;\n  }\n  \n  50% {\n    height: 100%;\n  }\n  \n  75% {\n    height: 100%;\n  }\n  \n  100% {\n    height: 0%;\n  }\n}\n\n@-o-keyframes cssload-loader-inner {\n  0% {\n    height: 0%;\n  }\n  \n  25% {\n    height: 0%;\n  }\n  \n  50% {\n    height: 100%;\n  }\n  \n  75% {\n    height: 100%;\n  }\n  \n  100% {\n    height: 0%;\n  }\n}\n\n@-ms-keyframes cssload-loader-inner {\n  0% {\n    height: 0%;\n  }\n  \n  25% {\n    height: 0%;\n  }\n  \n  50% {\n    height: 100%;\n  }\n  \n  75% {\n    height: 100%;\n  }\n  \n  100% {\n    height: 0%;\n  }\n}\n\n@-webkit-keyframes cssload-loader-inner {\n  0% {\n    height: 0%;\n  }\n  \n  25% {\n    height: 0%;\n  }\n  \n  50% {\n    height: 100%;\n  }\n  \n  75% {\n    height: 100%;\n  }\n  \n  100% {\n    height: 0%;\n  }\n}\n\n@-moz-keyframes cssload-loader-inner {\n  0% {\n    height: 0%;\n  }\n  \n  25% {\n    height: 0%;\n  }\n  \n  50% {\n    height: 100%;\n  }\n  \n  75% {\n    height: 100%;\n  }\n  \n  100% {\n    height: 0%;\n  }\n}\n\n\n\n\n\/* OPTION 2 Loader*\/\n\n.loading-screen {\n    position: fixed;\n    left: 0;\n    top: 0;\n    width: 100%;\n    display: flex;\n    height: 100vh;\n    background: transparent;\n    align-items: center;\n    justify-content: center;\n    text-align: center;\n}\n.loading-screen .loading-animation .loading-bar {\n    position: relative;\n    width: 230px;\n    height: 3px;\n    background: rgba(255,255,255,0.12);\n    margin:auto;\n    margin-top: 22px;\n    overflow: hidden;\n}\n\/*.loading-animation {\n    margin-bottom: -25%;\n}*\/\n.loading-animation {\n    margin-top: 0%;\n}\n.loading-screen .loading-animation .loading-bar::before {\n    content: \"\";\n    background-color: #0066ff;\n    background-image: linear-gradient(to right, #83D6ff, #0066ff);\n    width: 180px;\n    height: 3px;\n    left: -34px;\n    position: absolute;\n    animation: bluebar 1.5s infinite ease;\n}\n@keyframes bluebar {\n50% {\nleft: 96px;\n}\n}\n#glitch-intro-img.active-glitch img {\n    opacity: 1.0 !important;\n}\ndiv#glitch-intro-img {\n    position: relative;\n    height: 100vh;\n}\n<\/style>\n\n<script>\n\n\n\n\tjQuery(document).ready(function() {\n\t\t\t\n\t\t\"use strict\";\n\t\t\n\t\t\n\t\t\/*----------------------------------------------------*\/\n\t\t\/*\tPreloader\n\t\t\/*----------------------------------------------------*\/\n\t\t\n\t\tvar preloader = jQuery('#loader-wrapper'),\n\t\t\tloader = preloader.find('.cssload-loader');\n\t\t\tloader.fadeOut();\n\t\t\tpreloader.delay(6000).fadeOut('slow');\n\n\t});\n<\/script>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-top-section elementor-element elementor-element-7340bc6d elementor-section-height-min-height elementor-section-items-stretch elementor-section-boxed elementor-section-height-default\" data-id=\"7340bc6d\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t\t<div class=\"elementor-background-overlay\"><\/div>\n\t\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3184a600\" data-id=\"3184a600\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;animation_tablet&quot;:&quot;fadeInUp&quot;,&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-inner-section elementor-element elementor-element-55849339 elementor-section-boxed elementor-section-height-default elementor-section-height-default elementor-invisible\" data-id=\"55849339\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;animation&quot;:&quot;fadeInDown&quot;,&quot;animation_mobile&quot;:&quot;fadeInUp&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-7c997b5d\" data-id=\"7c997b5d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-359b1557 elementor-widget elementor-widget-heading\" data-id=\"359b1557\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation_mobile&quot;:&quot;fadeInDown&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Arctic <span class=\"gr-text-aurora\">Wolf Presents<\/span><\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6d8b287c elementor-widget elementor-widget-heading\" data-id=\"6d8b287c\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;none&quot;,&quot;_animation_mobile&quot;:&quot;fadeIn&quot;}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">The Most Exploited Vulnerabilities of 2024<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-688c2d30 elementor-widget elementor-widget-text-editor\" data-id=\"688c2d30\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation_mobile&quot;:&quot;fadeInUp&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span class=\"TextRun SCXW19966460 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW19966460 BCX0\">2024 saw another <\/span><span class=\"NormalTextRun SCXW19966460 BCX0\">jump in<\/span><span class=\"NormalTextRun SCXW19966460 BCX0\"> the volume of vulnerabilities published<\/span><span class=\"NormalTextRun SCXW19966460 BCX0\">, with the year\u2019s total tally at<\/span> <span class=\"NormalTextRun SCXW19966460 BCX0\">40,289, a<\/span><span class=\"NormalTextRun SCXW19966460 BCX0\"> 72% increase<\/span><span class=\"NormalTextRun SCXW19966460 BCX0\"> compared to 2023<\/span><span class=\"NormalTextRun SCXW19966460 BCX0\">. With so many<\/span><span class=\"NormalTextRun SCXW19966460 BCX0\"> vulnerabilities<\/span><span class=\"NormalTextRun SCXW19966460 BCX0\"> for security teams to track and respond to, <\/span><span class=\"NormalTextRun SCXW19966460 BCX0\">it\u2019s<\/span><span class=\"NormalTextRun SCXW19966460 BCX0\"> vital to understand which mattered most to threat actors as they launched attacks<\/span><span class=\"NormalTextRun SCXW19966460 BCX0\"> throughout 2024.<\/span><\/span><span class=\"EOP SCXW19966460 BCX0\" data-ccp-props=\"{}\">\u00a0<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d16d18a elementor-widget__width-inherit elementor-widget elementor-widget-text-editor\" data-id=\"d16d18a\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation_mobile&quot;:&quot;fadeInUp&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tCheck out our list of <span class=\"gr-text-aurora\">the 25 most exploited vulnerabilities of 2024<\/span>\u00a0and find out.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-14ebac0 elementor-align-center gr-button smoothScroll elementor-hidden-desktop elementor-hidden-tablet elementor-widget elementor-widget-button\" data-id=\"14ebac0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"#top-vulnerabilities\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t<span class=\"elementor-button-icon\">\n\t\t\t\t<i aria-hidden=\"true\" class=\"fas fa-arrow-down\"><\/i>\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">View The List<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-425d643e smoothScroll elementor-hidden-mobile premium-lottie-svg elementor-invisible elementor-widget elementor-widget-premium-lottie\" data-id=\"425d643e\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeIn&quot;,&quot;_animation_delay&quot;:800}\" data-widget_type=\"premium-lottie.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\n\t\t<div class=\"premium-lottie-animation\" data-lottie-url=\"https:\/\/assets8.lottiefiles.com\/packages\/lf20_sb7jxp4m.json\" data-lottie-loop=\"true\" data-lottie-reverse=\"\" data-lottie-hover=\"\" data-lottie-speed=\"1\" data-lottie-render=\"svg\" data-lottie-delay=\"\">\n\t\t\t\t\t\t\t<a href=\"#top-vulnerabilities\"><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-top-section elementor-element elementor-element-315ddfba elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"315ddfba\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-20eaf225\" data-id=\"20eaf225\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;animation&quot;:&quot;none&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-inner-section elementor-element elementor-element-4be05329 demo-request-shapes elementor-section-boxed elementor-section-height-default elementor-section-height-default elementor-invisible\" data-id=\"4be05329\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;animation&quot;:&quot;fadeInUp&quot;,&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-2ef3e467\" data-id=\"2ef3e467\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-bac2d7e elementor-widget elementor-widget-heading\" data-id=\"bac2d7e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Another Record Setting Year <\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-694f67e0 elementor-widget elementor-widget-heading\" data-id=\"694f67e0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">* For CVEs published in the last 12 years<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a243813 elementor-widget elementor-widget-heading\" data-id=\"a243813\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<p class=\"elementor-heading-title elementor-size-default\">Not only does the increase in the sheer number of vulnerabilities cause concern, but the amount of critical and high-severity vulnerabilities increased by 13.46% in 2024 compared to 2023. While it\u2019s important to note that not every vulnerability signals an imminent cyber threat \u2013 an increase in web-based applications correlates to a possible overall increase in vulnerabilities \u2013 the data does highlight the importance of implementing a thorough vulnerability management program to stay on top of critical and high-severity vulnerabilities that may impact core business applications. <\/p>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-251779da\" data-id=\"251779da\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-inner-section elementor-element elementor-element-45d82c7a elementor-section-height-min-height elementor-section-content-middle elementor-section-boxed elementor-section-height-default\" data-id=\"45d82c7a\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;gradient&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-27f4e897\" data-id=\"27f4e897\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3a683bf8 elementor-align-start elementor-widget__width-auto elementor-absolute elementor-hidden-mobile elementor-icon-list--layout-traditional elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"3a683bf8\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_position&quot;:&quot;absolute&quot;}\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">5,297<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">5,191<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">7,939<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">6,504<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">6,454<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">14,714<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">16,557<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">17,344<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">18,325<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">20,171<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">25,226<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">29,065<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">40,289<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1c5498b1 elementor-widget elementor-widget-eael-fancy-chart\" data-id=\"1c5498b1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"eael-fancy-chart.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div data-options=\"{&quot;chart&quot;:{&quot;toolbar&quot;:{&quot;show&quot;:&quot;true&quot;},&quot;type&quot;:&quot;bar&quot;,&quot;background&quot;:&quot;&quot;,&quot;height&quot;:&quot;450px&quot;,&quot;width&quot;:&quot;100%&quot;,&quot;animations&quot;:{&quot;enabled&quot;:&quot;true&quot;,&quot;easing&quot;:&quot;easeinout&quot;,&quot;speed&quot;:1100,&quot;animateGradually&quot;:{&quot;delay&quot;:250}},&quot;offsetX&quot;:0,&quot;offsetY&quot;:0,&quot;stacked&quot;:true},&quot;series&quot;:[{&quot;name&quot;:&quot;Low&quot;,&quot;data&quot;:[&quot;514&quot;,&quot; 521&quot;,&quot; 665&quot;,&quot; 591&quot;,&quot; 617&quot;,&quot; 1442&quot;,&quot; 1798&quot;,&quot; 2038&quot;,&quot; 2774&quot;,&quot; 3290&quot;,&quot; 13923&quot;,&quot; 526&quot;,&quot; 2404&quot;]},{&quot;name&quot;:&quot;Medium&quot;,&quot;data&quot;:[&quot;3054&quot;,&quot; 2934&quot;,&quot; 5349&quot;,&quot; 3557&quot;,&quot; 3392&quot;,&quot; 8972&quot;,&quot; 10478&quot;,&quot; 10977&quot;,&quot; 11178&quot;,&quot; 12843&quot;,&quot; 8039&quot;,&quot; 11709&quot;,&quot; 18801&quot;]},{&quot;name&quot;:&quot;High&quot;,&quot;data&quot;:[&quot;768&quot;,&quot; 825&quot;,&quot; 1117&quot;,&quot; 1195&quot;,&quot; 1093&quot;,&quot; 2772&quot;,&quot; 2713&quot;,&quot; 2910&quot;,&quot; 2868&quot;,&quot; 2865&quot;,&quot; 2404&quot;,&quot; 11650&quot;,&quot; 13954&quot;]},{&quot;name&quot;:&quot;Critical&quot;,&quot;data&quot;:[&quot;961&quot;,&quot; 911&quot;,&quot; 808&quot;,&quot; 1161&quot;,&quot; 1352&quot;,&quot; 1528&quot;,&quot; 1568&quot;,&quot; 1419&quot;,&quot; 1505&quot;,&quot; 1173&quot;,&quot; 860&quot;,&quot; 5180&quot;,&quot; 5130&quot;]}],&quot;xaxis&quot;:{&quot;categories&quot;:[&quot;2012&quot;,&quot;2013&quot;,&quot;2014&quot;,&quot;2015&quot;,&quot;2016&quot;,&quot;2017&quot;,&quot;2018&quot;,&quot;2019&quot;,&quot;2020&quot;,&quot;2021&quot;,&quot;2022&quot;,&quot;2023&quot;,&quot;2024&quot;],&quot;labels&quot;:{&quot;show&quot;:&quot;yes&quot;,&quot;style&quot;:{&quot;cssClass&quot;:&quot;eael_fancy_cahrt_xaxis&quot;,&quot;colors&quot;:&quot;#FFFFFF&quot;}},&quot;position&quot;:&quot;bottom&quot;},&quot;yaxis&quot;:{&quot;show&quot;:true,&quot;opposite&quot;:&quot;&quot;,&quot;labels&quot;:{&quot;show&quot;:&quot;yes&quot;,&quot;style&quot;:{&quot;cssClass&quot;:&quot;eael_fancy_cahrt_yaxis&quot;,&quot;colors&quot;:&quot;#FFFFFF&quot;}}},&quot;legend&quot;:{&quot;show&quot;:&quot;true&quot;,&quot;position&quot;:&quot;bottom&quot;,&quot;labels&quot;:{&quot;colors&quot;:&quot;#FFFFFFD9&quot;},&quot;fontSize&quot;:&quot;13px&quot;,&quot;horizontalAlign&quot;:&quot;center&quot;,&quot;markers&quot;:{&quot;width&quot;:20,&quot;height&quot;:20,&quot;strokeWidth&quot;:&quot;0&quot;,&quot;strokeColor&quot;:&quot;#fff&quot;,&quot;radius&quot;:2,&quot;offsetX&quot;:&quot;&quot;,&quot;offsetY&quot;:&quot;&quot;}},&quot;tooltip&quot;:{&quot;enabled&quot;:&quot;yes&quot;,&quot;y&quot;:{&quot;prefix&quot;:&quot;&quot;,&quot;suffix&quot;:&quot;&quot;}},&quot;grid&quot;:{&quot;show&quot;:&quot;true&quot;,&quot;borderColor&quot;:&quot;#DDDDDD17&quot;,&quot;strokeDashArray&quot;:0,&quot;xaxis&quot;:{&quot;lines&quot;:{&quot;show&quot;:&quot;false&quot;}},&quot;yaxis&quot;:{&quot;lines&quot;:{&quot;show&quot;:&quot;&quot;}}},&quot;plotOptions&quot;:{&quot;bar&quot;:{&quot;borderRadius&quot;:&quot;&quot;,&quot;dataLabels&quot;:{&quot;position&quot;:&quot;center&quot;},&quot;horizontal&quot;:true,&quot;columnWidth&quot;:45,&quot;barHeight&quot;:45}},&quot;stroke&quot;:{&quot;show&quot;:&quot;true&quot;,&quot;lineCap&quot;:&quot;butt&quot;,&quot;colors&quot;:[&quot;#FFFFFF00&quot;],&quot;width&quot;:20,&quot;dashArray&quot;:4},&quot;dataLabels&quot;:{&quot;enabled&quot;:false,&quot;style&quot;:{&quot;colors&quot;:[&quot;#fff&quot;],&quot;fontSize&quot;:&quot;12px&quot;}},&quot;responsive&quot;:[{&quot;breakpoint&quot;:767,&quot;options&quot;:{&quot;plotOptions&quot;:{&quot;bar&quot;:{&quot;horizontal&quot;:true,&quot;columnWidth&quot;:32,&quot;barHeight&quot;:32}}}}],&quot;colors&quot;:[&quot;#0059B2&quot;,&quot;#0099FF&quot;,&quot;#FF730F&quot;,&quot;#F83300&quot;],&quot;fill&quot;:{&quot;colors&quot;:[&quot;#0059B2&quot;,&quot;#0099FF&quot;,&quot;#FF730F&quot;,&quot;#F83300&quot;],&quot;opacity&quot;:0.9,&quot;type&quot;:&quot;solid&quot;}}\" class=\"eael_fanct_chart_wrapper\">\n\t\t\t<div class=\"eael_fancy_chart_header\">\n\t\t\t\t\t\t\t\t<p>\n\t\t\t\t\tYoY Vulnerability CVSS v3 Severity Breakdown\t\t\t\t<\/p>\n\t\t\t\t\t<\/div>\n\t\t<div class=\"eael_fancy_chart\" id=\"eael_fancy_chart-1c5498b1\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5e2abee0 elementor-hidden-mobile elementor-widget elementor-widget-heading\" data-id=\"5e2abee0\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h6 class=\"elementor-heading-title elementor-size-default\"><span class=\"aw-total-mask\"><span class=\"gr-text\">Total<\/span><\/span><\/h6>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3e187cbc elementor-absolute elementor-widget elementor-widget-text-editor\" data-id=\"3e187cbc\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_position&quot;:&quot;absolute&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<span class=\"aw-table-source\"><a href=\"https:\/\/www.cvedetails.com\/\" target=\"_blank\" rel=\"noopener\">Source: cvedetails.com<\/a><\/span>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-top-section elementor-element elementor-element-23be90dd elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"23be90dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-69127646\" data-id=\"69127646\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-inner-section elementor-element elementor-element-735c77a5 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"735c77a5\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-2ee4ae24\" data-id=\"2ee4ae24\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4c11fee2 elementor-invisible elementor-widget elementor-widget-heading\" data-id=\"4c11fee2\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeIn&quot;,&quot;_animation_delay&quot;:100}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">A look at <span class=\"gr-text-aurora\">the Top 25 Vulnerabilities<\/span><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<div class=\"elementor-element elementor-element-5bf4f12d elementor-widget__width-initial elementor-invisible elementor-widget elementor-widget-heading\" data-id=\"5bf4f12d\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeIn&quot;,&quot;_animation_tablet&quot;:&quot;fadeIn&quot;,&quot;_animation_delay&quot;:200}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h5 class=\"elementor-heading-title elementor-size-default\">In our list of the 25 most exploited vulnerabilities of the year, you'll uncover trends and insights you can use to guide your remediation and vulnerability management plans in the new year. Hopefully this list helps your organisation understand how valuable risk-based vulnerability management is, especially as expanded attack surfaces and the rise of web-based applications have led to a vast increase in the sheer number of vulnerabilities, alongside an increase in the number of critical and high-severity vulnerabilities.<\/h5>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-58cfedc7 elementor-widget elementor-widget-html\" data-id=\"58cfedc7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<a name = \"aw_filter_reset_anchor\" id = \"aw_filter_reset_anchor\"><\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-top-section elementor-element elementor-element-e3a3041 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"e3a3041\" data-element_type=\"section\" data-e-type=\"section\" id=\"top-vulnerabilities\" data-settings=\"{&quot;background_background&quot;:&quot;gradient&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t\t<div class=\"elementor-background-overlay\"><\/div>\n\t\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-5000b9f3 filters-navy-mobile\" data-id=\"5000b9f3\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-382cde16 elementor-position-inline-start elementor-mobile-position-inline-start icon-inline elementor-view-default elementor-widget elementor-widget-icon-box\" data-id=\"382cde16\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-box-wrapper\">\n\n\t\t\t\t\t\t<div class=\"elementor-icon-box-icon\">\n\t\t\t\t<span  class=\"elementor-icon\">\n\t\t\t\t<i aria-hidden=\"true\" class=\"fas fa-sliders-h\"><\/i>\t\t\t\t<\/span>\n\t\t\t<\/div>\n\t\t\t\n\t\t\t\t\t\t<div class=\"elementor-icon-box-content\">\n\n\t\t\t\t\t\t\t\t\t<h3 class=\"elementor-icon-box-title\">\n\t\t\t\t\t\t<span  >\n\t\t\t\t\t\t\tFilters\t\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/h3>\n\t\t\t\t\n\t\t\t\t\n\t\t\t<\/div>\n\t\t\t\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1b9b2ccd elementor-widget elementor-widget-html\" data-id=\"1b9b2ccd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<span class=\"aw-filters-reset aw-filters-reset-body-area\" onclick=\"aw_filter_reset()\"><i aria-hidden=\"true\" class=\"fas fa-times\"><\/i> Clear filters<\/span>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-53e5759e aw-vuln-accordion-styles elementor-widget elementor-widget-html\" data-id=\"53e5759e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"aw-filters-tabs\">\n      <div class=\"aw-filters-tab\">\n        <input type=\"checkbox\" id=\"chck1\" class=\"faux-input\">\n        <label class=\"aw-filters-tab-label\" for=\"chck1\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-box-open\"><\/i> Vendor<\/label>\n        <div class=\"aw-filters-tab-content\">\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-beyondtrust\"><span class=\"checkmark\"><\/span> BeyondTrust<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-cisco\"><span class=\"checkmark\"><\/span> Cisco<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-cleo\"><span class=\"checkmark\"><\/span> Cleo<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-connectwise\"><span class=\"checkmark\"><\/span> ConnectWise<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-fortinet\"><span class=\"checkmark\"><\/span> Fortinet<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-ivanti\"><span class=\"checkmark\"><\/span> Ivanti<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-jetbrains\"><span class=\"checkmark\"><\/span> JetBrains<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-microsoft\"><span class=\"checkmark\"><\/span> Microsoft<\/label>\n\t\t\t<label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-palo-alto-networks\"><span class=\"checkmark\"><\/span> Palo Alto Networks<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-sciencelogic\"><span class=\"checkmark\"><\/span> ScienceLogic<\/label>\n\t\t\t<label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-sonicwall\"><span class=\"checkmark\"><\/span> SonicWall<\/label>\n\t\t\t<label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".vendor-veeam\"><span class=\"checkmark\"><\/span> Veeam<\/label>\n        <\/div>\n      <\/div>\n\t\n      <div class=\"aw-filters-tab\">\n        <input type=\"checkbox\" id=\"chck2\" class=\"faux-input\">\n        <label class=\"aw-filters-tab-label\" for=\"chck2\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-chart-area\"><\/i> Score Range <span class=\"hide-tablet\">v3<\/span><\/label>\n        <div class=\"aw-filters-tab-content\">\n\n            <label class=\"checkbox\"><input type=\"checkbox\" class=\"aw-filter-check\" onClick=\"aw_filter()\" awn-filter=\".data-score-65,.data-score-72,.data-score-75,.data-score-78\"><span class=\"checkmark\"><\/span> 6-7<\/label>\n            <label class=\"checkbox\"><input type=\"checkbox\" class=\"aw-filter-check\" onClick=\"aw_filter()\" awn-filter=\".data-score-88,.data-score-91,.data-score-98,.data-score-99,.data-score-10\"><span class=\"checkmark\"><\/span> 8-10<\/label>\n         <\/div>\n      <\/div>\n\t\n\t <div class=\"aw-filters-tab\">\n        <input type=\"checkbox\" id=\"chck3\" class=\"faux-input\">\n        <label class=\"aw-filters-tab-label\" for=\"chck3\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-skull\"><\/i> <span class=\"hide-tablet\">NVD Risk<\/span> Rating<\/label>\n        <div class=\"aw-filters-tab-content\">\n            <label class=\"checkbox\"><input type=\"checkbox\" class=\"aw-filter-check\" onClick=\"aw_filter()\" awn-filter=\".rating-top-ten\"><span class=\"checkmark\"><\/span> Top Ten<\/label>\n          <label class=\"checkbox\"><input type=\"checkbox\" class=\"aw-filter-check\" onClick=\"aw_filter()\" awn-filter=\".rating-critical\"><span class=\"checkmark\"><\/span> Critical<\/label>\n          <label class=\"checkbox\"><input type=\"checkbox\" class=\"aw-filter-check\" onClick=\"aw_filter()\" awn-filter=\".rating-high\"><span class=\"checkmark\"><\/span> High<\/label>\n          <label class=\"checkbox\"><input type=\"checkbox\" class=\"aw-filter-check\" onClick=\"aw_filter()\" awn-filter=\".rating-medium\"><span class=\"checkmark\"><\/span> Medium<\/label>\n        <\/div>\n      <\/div>\n\t\n\t<div class=\"aw-filters-tab\">\n        <input type=\"checkbox\" id=\"chck4\" class=\"faux-input\">\n        <label class=\"aw-filters-tab-label\" for=\"chck4\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-user-check\"><\/i> Privileges<\/label>\n        <div class=\"aw-filters-tab-content\">\n            <label class=\"checkbox\"><input type=\"checkbox\" class=\"aw-filter-check\" onClick=\"aw_filter()\" awn-filter=\".priv-unauthenticated\"><span class=\"checkmark\"><\/span> Unauthenticated<\/label>\n            <label class=\"checkbox\"><input type=\"checkbox\" class=\"aw-filter-check\" onClick=\"aw_filter()\" awn-filter=\".priv-authenticated\"><span class=\"checkmark\"><\/span> Authenticated<\/label>          \n        <\/div>\n      <\/div>\n\t\n\t<div class=\"aw-filters-tab\">\n        <input type=\"checkbox\" id=\"chck5\" class=\"faux-input\">\n        <label class=\"aw-filters-tab-label\" for=\"chck5\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-code\"><\/i> Type<\/label>\n        <div class=\"aw-filters-tab-content\">\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-authentication-bypass\"><span class=\"checkmark\"><\/span> Authentication Bypass<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-authentication-bypass-rce\"><span class=\"checkmark\"><\/span> Authentication Bypass\/RCE<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-command-injection\"><span class=\"checkmark\"><\/span> Command Injection<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-denial-of-service\"><span class=\"checkmark\"><\/span> Denial of Service<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-deserialization-rce\"><span class=\"checkmark\"><\/span> Deserialisation\/RCE<\/label>\n\t\t\t<label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-improper-access-control\"><span class=\"checkmark\"><\/span> Improper Access Control<\/label>\n\t\t\t<label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-memory-corruption\"><span class=\"checkmark\"><\/span> Memory Corruption<\/label>\n\t\t\t<label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-missing-authentication\"><span class=\"checkmark\"><\/span> Missing Authentication<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-path-traversal-rce\"><span class=\"checkmark\"><\/span> Path Traversal\/RCE<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-privilege-escalation\"><span class=\"checkmark\"><\/span> Privilege Escalation<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-rce\"><span class=\"checkmark\"><\/span> RCE<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-server-side-request-forgery\"><span class=\"checkmark\"><\/span> Server Side Request Forgery<\/label>\n            <label class=\"checkbox\"><input class=\"aw-filter-check\" type=\"checkbox\" onClick=\"aw_filter()\" awn-filter=\".type-spoofing\"><span class=\"checkmark\"><\/span> Spoofing<\/label>\n            \n        <\/div>\n      <\/div>\n<\/div>\n\n  \n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-48cc2b82 elementor-widget elementor-widget-html\" data-id=\"48cc2b82\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<script>\n\nfunction scroll_to_top() {\n    document.querySelector(\"#aw_filter_reset_anchor\").scrollIntoView({\n        behavior: 'smooth'\n    });\n    jQuery(\".results-btn\").addClass(\"hide_this\");\n    jQuery(\".results-btn\").removeClass(\"show_this\");\n}\n\nfunction isScrolledIntoView(el) {\n    var rect = el.getBoundingClientRect();\n    var elemTop = rect.top;\n    var elemBottom = rect.bottom;\n\n    console.log(elemTop);\n\n    isVisible = false;\n    return isVisible;\n}\n\nfunction debounce(callback, wait) {\n  let timeout;\n  return (...args) => {\n      clearTimeout(timeout);\n      timeout = setTimeout(function () { callback.apply(this, args); }, wait);\n  };\n}\n\nfunction aw_filter_reset() {\n\tjQuery(\".aw-filter-check:checked\").prop('checked',false);\n\tmixerURL.filter('all').then(function(state) { results_button_popup(state.totalShow); });\n\tjQuery(\".aw-filters-reset\").removeClass(\"active\");\n\n    scroll_to_top();\n}\n\nfunction lozenge_filter(sFilter) {\n\n    if (sFilter == \"all\") {\n        aw_filter_reset();\n    }\n    else {\n    \n        jQuery(\"input[awn-filter='.\" + sFilter + \"']\").prop(\"checked\",true);\n        if (jQuery(\"input[awn-filter='.\" + sFilter + \"']\").closest(\".aw-filters-tab-content\").height() == 0) {\n            jQuery(\"input[awn-filter='.\" + sFilter + \"']\").closest(\".aw-filters-tab\").find('.aw-filters-tab-label').click();\n        }\n        aw_filter();\n    }\n}\n\nfunction aw_filter() {\n    filter_array = [];\n \n    jQuery(\".aw-filter-check:checked\").each(function(index) {\n   \t\tfilter_array.push(jQuery(this).attr(\"awn-filter\"));\n    });\n\n    if (filter_array.length > 0) {\n       mixerURL.filter(filter_array.join()).then(function(state) { results_button_popup(state.totalShow); });\n\t\tjQuery(\".aw-filters-reset\").addClass(\"active\");\n    }\n    else {\n        promise_wait = mixerURL.filter('all').then(function(state) { results_button_popup(state.totalShow); });\n    }\n}\n\nfunction results_button_popup (mixer_count) {\n    if (mixer_count == 0) {\n        jQuery(\".results-btn\").html(\"No results found - <a onClick='aw_filter_reset()'>Clear Filters<\/a>\ufe0f\");\n    }\n    else {\n        jQuery(\".results-btn\").html(\"<i aria-hidden='true' class='fas fa-arrow-up results-found-arrow'><\/i>\" + mixer_count + \" results found\ufe0f\");\n    }\n    \n    jQuery(\".results-btn\").addClass(\"show_this\");\n    jQuery(\".results-btn\").removeClass(\"hide_this\");\n}\n\nfunction view_change(elem) {\n    jQuery(\".radio-input\").removeClass(\"radio-active\");\n    jQuery(\"#\" + elem).addClass(\"radio-active\");\n\n    aw_filter();\n}\n\n<\/script>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-134d03c6 elementor-widget elementor-widget-html\" data-id=\"134d03c6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-element elementor-element-a8f038a results-btn hide elementor-invisible elementor-widget elementor-widget-eael-creative-button elementor-sticky smoothScroll\" data-id=\"a8f038a\" data-element_type=\"widget\" data-settings=\"{&quot;sticky&quot;:&quot;bottom&quot;,&quot;sticky_offset&quot;:20,&quot;sticky_parent&quot;:&quot;yes&quot;,&quot;_animation&quot;:&quot;bounceInUp&quot;,&quot;sticky_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;,&quot;mobile&quot;],&quot;sticky_effects_offset&quot;:0}\" data-widget_type=\"eael-creative-button.default\" onClick=\"scroll_to_top()\">\n    <a class=\"eael-creative-button eael-creative-button--winona\" href=\"#vulnerability-results\">\n      View X Results\n      <\/a>\n<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-2bcc1523\" data-id=\"2bcc1523\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-1fc6e505 elementor-widget elementor-widget-html\" data-id=\"1fc6e505\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<span class=\"aw-filters-reset aw-filters-reset-body-area aw-filters-placement_grid\" onclick=\"aw_filter_reset()\"><i aria-hidden=\"true\" class=\"fas fa-times\"><\/i> Clear filters<\/span>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6c728bde elementor-widget elementor-widget-html\" data-id=\"6c728bde\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<style>\n\/* MISC *\/\n.aw-total-mask{\n    background:#000;padding:10px 2px\n}\n.apexcharts-grid-borders line {\n    opacity: .1;\n}\n.gr-text-aurora-light {\n    background: -webkit-linear-gradient(120deg, black 5%, #0099ff 40%, #0099ff 55%, #0079FF 70%, #0065CC);\n    background: linear-gradient(120deg, black 5%, #0099ff 40%, #0099ff 55%, #0079FF 70%, #0065CC);\n    -webkit-background-clip: text;\n    -webkit-text-fill-color: transparent;\n    -webkit-box-decoration-break: clone;\n}\n.gr-text-aurora {\n    background: -webkit-linear-gradient(120deg, white 5%, #0099ff 40%, #0099ff 55%, #0079FF 70%, #0065CC);\n    background: linear-gradient(120deg, white 5%, #0099ff 40%, #0099ff 55%, #0079FF 70%, #0065CC);\n    -webkit-background-clip: text;\n    -webkit-text-fill-color: transparent;\n    -webkit-box-decoration-break: clone;\n}\n.aw_vuln_resources_accordion a {\n    transition: all .3s linear;\n}\n.aw_vuln_resources_accordion a:hover {\n    color: #000;\n}\n.aw-filters-reset {\n    color: #fff;\n    font-size: 13px;\n    font-weight: 300;\n    text-align: center;\n    display: block;\n    opacity: .0;\n\tfont-weight: 500;\n    letter-spacing: 0;\n    -webkit-transition: all .6s ease-in-out;\n    transition: all .6s ease-in-out;\n}\n.aw-filters-reset-body-area{color:#f1f1f1;font-size:105%;}\n.aw-filters-reset.active {\n    color: #fff;\n    opacity: 1.0;\n    cursor: pointer;height:auto;\n}\n.aw-filters-reset.active:hover {\n    color: #ff730f;\n    opacity: 1.0;\n}\nspan.aw-filters-reset.aw-filters-reset-body-area.active:hover {\n    color: #ff730f;\n}\n.aw-filters-reset.aw-filters-placement_grid.active {\n    color: #00244c;\n}\n.aw-filters-reset.aw-filters-placement_grid {\n    margin-bottom: -25px;\n}\n     \n    .show_this {\n        display: block !important;\n    }\n    \n    .hide_this {\n        display: none !important;\n    }\n    \n    .no-results {\n        display: none;\n    }\n\n.gr-text {\n    background: -webkit-linear-gradient(45deg, #ff9933, #ff3800 100%);\n    -webkit-background-clip: text;\n    -webkit-text-fill-color: transparent;\n    -webkit-box-decoration-break: clone;\n}\n.gr-border-intro:before {\n    content: \"\";\n    position: absolute;\n    left: 0px;\n    top: 0;\n    height: 100%;\n    width: 2px;\n    background-image: linear-gradient(to bottom, #ee4b00, #ff730f, transparent);\n    z-index: 39;\n}\n.gr-border-intro:after {\n    content: \"\";\n    position: absolute;\n    right: 0px;\n    top: 0;\n    height: 100%;\n    width: 2px;\n    background-image: linear-gradient(to bottom, #ee4b00, #ff730f, transparent);\n    z-index: 39;\n}\nsection.demo-request-shapes:before {\n    position: absolute;\n    left: 50%;\n    top: 0;\n    margin-left: -320px;\n    width: 640px;\n    background: url('\/wp-content\/uploads\/2024\/01\/AW-MR-Vulns-Dark-BG-Shape-Top-240130.png');\n    height: 54px;\n    content: \" \";\n    background-size: cover;\n    z-index: 1\n}\nsection.demo-request-shapes:after {\n    position: absolute;\n    left: 50%;\n    bottom: 0px;\n    margin-left: -320px;\n    width: 640px;\n    background: url('\/wp-content\/uploads\/2024\/01\/AW-MR-Vulns-Dark-BG-Shape-Bottom-240130.png');\n    height: 54px;\n    content: \" \";\n    background-size: cover;\n        z-index: 1\n}\n.gr-border-intro .elementor-widget-wrap.elementor-element-populated {\n    border-image: linear-gradient(to right, #ef4900, #ff9933, #ef4900) 1;\n}\n\/* Data Table *\/\n.aw-vulns-graph_2023 {\n    color: #fff;\n}\n.w-100 {\n    width: 100%;\n}\n.text-start {\n    text-align: left;\n}\n.text-end {\n    text-align: right;\n}\n.aw-vulns-graph_2023 a {\n    color: #fff;\n    font-weight: bold;\n}\n.aw-vulns-graph_2023 a:hover {\n    color: #ff730f;\n}\n.aw-vulns-graph_2023 table td:nth-child(2) {\n    width: 80%;\n    vertical-align: middle;\n}\n.rounded{border-radius: 6px;}\n.aw-table-header{text-transform: uppercase;font-size:12px;font-weight:bold;}\n.aw-total-row{border-top:1px solid #ffffff20;\n\n}\n.aw-table-source a{transition:all .3s;color:#fff;}\n.aw-table-source a:hover{color:#ff730f;}\n\t.aw-table-source-spacer{padding-left:5px;padding-right:5px;}\n\/* end data table *\/\n\n\t\n\t\n\t\n\t\n\/* CRITICALITY NAV *\/\n\n.criticality-head{display:block;font-size:11px;font-weight:400;color:#000;}\n.aw-resources-dropdown ul {\n   list-style: inside;\n}\n.aw-resources-dropdown li a:hover {\n   text-decoration: underline;\n}\n#leadership-nav { \n   margin: 0 auto; \n   list-style: none; \n   position: relative;\n   width: auto; display:flex;justify-content: center;\n}\n#leadership-nav li { \n   display: inline-block;\t\n   margin-right: 40px;\n}\n#leadership-nav li:last-of-type {\n   margin-right: 0px;\n}\n#leadership-nav a { \n   color: #bbb; \n   font-size: 13px;\n   padding: 0px 0px 4px 0px;\n   text-decoration: none;\n   text-transform: uppercase;\n   cursor: pointer;\n}\n#leadership-nav a:hover { \n   color:  #000;\n}\n.leadership-nav-wrap.elementor-sticky--effects {\n   border-bottom: 5px solid #000;\n}\n\n\/*animated line hover or active*\/\n.leadership-nav-item a{position: relative;}\n.leadership-nav-item.active a,\n.leadership-nav-item a:hover\n{ \n   color:  #ff730f !important; \n}\n.leadership-nav-item a:after{\n   content: '' !important;\n   display: inline-block !important;\n   position: absolute !important;\n   left: -15px !important;\n   bottom: -15px !important;\n   height: 3px !important;\n   width: 0 !important;\n   background: linear-gradient(90deg, #fc4d0f, #ff730f) !important;\n   transition: width 0.3s cubic-bezier(0.15, 0.56, 0.17, 0.94) !important;\n   border-radius: 5px;\n}\n.leadership-nav-item a:hover:after,\n.leadership-nav-item.active a:after\n{\n   width: calc(100% + 30px) !important;\n}\n\/*Critcality Nav end*\/\n\t\n\t\n\t\n\/*MODAL STYLES*\/\n\t\n.mfp-wrap {\n\twidth:100%;\n\tmax-width:800px;\n    margin: auto;\n    display: block;\n    left: calc(50% - 400px);\n}\nbody .eael-lightbox-popup-window.lightbox_type_custom_html .eael-lightbox-container{padding:5px;}\n.aw_vuln_resources_accordion span.eael-accordion-tab-title {\n    font-family: \"Encode Sans\", Sans-serif;\n    font-weight: 700;\n    font-size: 11px;\n    line-height: 20px;\n    letter-spacing: 3px;\n    text-transform: uppercase;\n    color: #000000;\n    display: block;\n}\n.eael-lightbox-popup-window button.mfp-close:not(.toggle) {\n    padding: 0px;\n    opacity: 1;\n    height: 40px;\n    width: 40px;\n    top: 8px;\n    right: 8px;\n    font-size: 40px;\n}\n.eael-lightbox-popup-window button.mfp-close:not(.toggle):hover{\n    transition: all .3s linear;\n\t}\n.aw_vuln_resources_accordion .fa-accordion-icon {\n    color: #ff730f;\n}\n.aw_vuln_resources_accordion .eael-accordion-header {\n    padding: 15px;\n    border: 1px solid rgba(0,0,0,.02);\n    background-color: #f1f1f1;\n    font-size: 1rem;\n    font-weight: 600;\n    line-height: 1;\n    -webkit-transition: all .3s ease-in-out;\n    transition: all .3s ease-in-out;\n    display: -webkit-box;\n    display: -ms-flexbox;\n    display: flex;\n    -webkit-box-pack: justify;\n    -ms-flex-pack: justify;\n    justify-content: space-between;\n    -webkit-box-align: center;\n    -ms-flex-align: center;\n    align-items: center;\n    cursor: pointer;\n}\n.eael-advanced-accordion-icon-opened, .aw_vuln_resources_accordion i.fa-toggle.fas.fa-angle-right {\n    display: none;\n}\n.eael-advanced-accordion-icon-closed {\n    display: block;\n}\n\n.eael-adv-accordion .eael-accordion-list .eael-accordion-header>.eael-accordion-tab-title {\n    -webkit-box-flex: 1;\n    -ms-flex-positive: 1;\n    flex-grow: 1;\n    margin: 0;\n\tpadding-left: 20px;\n}\n.eael-adv-accordion .eael-accordion-list .eael-accordion-content {\n    display: none;\n    border: 1px solid #eee;\n    padding: 15px;\n    -webkit-box-sizing: border-box;\n    box-sizing: border-box;\n    font-size: 1rem;\n    line-height: 1.7;\n}\n.eael-adv-accordion .eael-accordion-list .eael-accordion-content ul li {\n    list-style-type: disc;\n    margin-left: 20px;\n}\n.eael-adv-accordion.aw_vuln_resources_accordion .eael-accordion-list .eael-accordion-header:hover,\n.eael-adv-accordion.aw_vuln_resources_accordion .eael-accordion-list .eael-accordion-header.active{\n    background-color: #00244c;\n}\n.eael-adv-accordion.aw_vuln_resources_accordion .eael-accordion-list .eael-accordion-header:hover span.eael-accordion-tab-title,\n.eael-adv-accordion.aw_vuln_resources_accordion .eael-accordion-list .eael-accordion-header:hover .fa-toggle,\n.eael-adv-accordion.aw_vuln_resources_accordion .eael-accordion-list .eael-accordion-header.active span.eael-accordion-tab-title,\n.eael-adv-accordion.aw_vuln_resources_accordion .eael-accordion-list .eael-accordion-header.active .fa-toggle{\n    color: #fff;\n}\n.aw_vuln_resources_accordion .eael-accordion-list {\n    margin-bottom: 10px;\n}\np.aw-vuln-canvas-body-copy {\n    margin-bottom: 30px;\n    font-weight: 400;\n    font-size: 17px;\n    line-height: 27px;\n    color: #444444;\n}\nh6.aw-vuln-name-subhead {\n    font-weight: 800;\n    font-size: 12px;\n    line-height: 20px;\n    letter-spacing: 4px;\n    text-transform: uppercase;\n    color: #fff;\n    display: block;\n}\nh5.aw-vuln-canvas-title-subhead {\n    font-family: \"Encode Sans\", Sans-serif;\n    font-weight: 700;\n    font-size: 18px;\n    line-height: 22px;\n    color: #0059b2;\n    margin: 0 0 8px 0px;\n}\nh3.aw-vuln-canvas-title {\n    font-weight: 700;\n    font-size: 36px;\n    line-height: 43px;\n    color: #FFFFFF;\n    margin-bottom: 5px;\n    width:90%;\n}\nh4.aw-vuln-canvas-title-description {\n    font-family: 'Lato';\n    font-style: normal;\n    font-weight: 400;\n    font-size: 20px;\n    line-height: 28px;\n    letter-spacing: 0.3px;\n    color: #FFFFFF;\n}\n.aw-vuln-item-content-info {\n    width: 100%;\n    display: flex;\n    margin-top: 30px;\n}\nbody.page-template-default .eael-offcanvas-content .eael-offcanvas-body {\n    padding-left: 0px;\n    padding-right: 0px;\n}\n.aw-vuln-canvas-content {\n\tposition: relative;\n\tmax-width: 600px;\n}\n.aw-vuln-canvas-content-main {\n    padding: 40px;\n}\n.aw-vuln-canvas-content-main {\n    padding: 48px 40px 40px 40px;\n    position: relative;\n}\n.aw-vuln-canvas-content-main:before {\n    content: \"\";\n    position: absolute;\n    left: 0;\n    top: 0;\n    right: 0;\n    height: 8px;\n    background: linear-gradient(90deg, #83d6ff 0%, #0066ff 100%);\n}\n.aw-vuln-canvas-content-top {\n    background-color:#00244c;\n\tbackground-image: url('https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/AW-MR-Vuln-LP-BG-05-flipped-2024-1024x596-1.jpg');\n    background-size: cover;\n    background-position: top center;\n    color: #fff;\n    padding: 40px; \n\tbackground-color: #0d091a;\n}\n.eael-offcanvas-content-open .eael-offcanvas-container:before {\n    position: absolute;\n    height: 100%;\n    width: 100%;\n    background: #00000050;\n    top: 0px;\n    left: 0px;\n    display: block;\n    content: \"\";\n    z-index: 2222;\n    backdrop-filter: blur(8px);\n    -webkit-backface-visibility: hidden;\n    -moz-backface-visibility: hidden;\n    backface-visibility: hidden;\n}\n.aw-vuln-col-score, .aw-vuln-col-rating, .aw-vuln-col-patch {\n    width: 33%;\n    max-width: 100%;\n    padding-left: 0;\n    text-decoration: none !important;\n}\n.aw-vuln-col-score span, .aw-vuln-col-rating span, .aw-vuln-col-patch span {\n    font-weight: 700;\n    font-size: 11px;\n    line-height: 20px;\n    letter-spacing: 3px;\n    text-transform: uppercase;\n    color: #AAAAAA;\n}\n.eael-lightbox-container .aw-vuln-col-score ul, .eael-lightbox-container .aw-vuln-col-rating ul, .eael-lightbox-container .aw-vuln-col-patch ul {\n    padding-left: 0px;\n}\n.eael-lightbox-container .aw-vuln-col-score ul li, .eael-lightbox-container .aw-vuln-col-rating ul li, .eael-lightbox-container .aw-vuln-col-patch ul li {\n    font-family: \"Encode Sans\", Sans-serif;\n    font-weight: 700;\n    font-size: 40px;\n    line-height: 48px;\n    letter-spacing: 0.4px;\n    color: #FFFFFF;\n}\n.eael-lightbox-container .aw-vuln-col-score ul li, .eael-lightbox-container .aw-vuln-col-rating ul li, .eael-lightbox-container .aw-vuln-col-patch ul li {\n    font-family: \"Encode Sans\", Sans-serif;\n    font-weight: 800;\n    font-size: 26px;\n    line-height: 26px;\n    color: #FFFFFF;\n}\na.aw-vuln-col-patch-link {\n    width: 100%;\n    font-family: 'Lato';\n    font-weight: 600;\n    font-size: 12px;\n    line-height: 18px;\n    color: #FFFFFF;\n    display: inline-flex;\n    width: auto;\n    cursor: pointer;\n    transition: all 0.3s ease;\n    align-items: center;\n    text-transform: uppercase;\n}\na.aw-vuln-col-patch-link img {\n    max-width: 18px;\n    margin-right: 10px;\n}\na.aw-vuln-col-patch-link:hover {\n    text-decoration: underline;\n}\n\/*end off canvas*\/\n\n\n.aw-vuln-display-flexer .elementor-widget-container {\n    display: flex;\n}\n.aw-vuln-article-grid_content {\n    overflow: hidden;\n}\n.aw-vuln-card-grid {\n    width: 100%;\n    background: #eee;\n    padding-bottom: 0.5rem;\n    min-height: 350px;\n    text-align: justify;\n    -webkit-flex-grow: 1;\n    -webkit-flex-flow: row wrap;\n    -webkit-justify-content: space-between;\n    -webkit-align-content: flex-start;\n    display: flex;\n    flex-grow: 1;\n    flex-flow: row wrap;\n    justify-content: space-between;\n    align-content: flex-start;\n}\n.aw-vuln-card-grid>* {\n    display: inline-block;\n    vertical-align: top;\n    text-align: left;\n}\n.aw-vuln-card-grid>.aw-vuln-card {\n    margin-bottom: 1rem;\n    width: 100%;\n    display: -webkit-inline-flex;\n    display: inline-flex;\n    -webkit-flex-direction: column;\n    flex-direction: column;\n}\n.aw-vuln-article-card {\n    border-radius: 15px;\n    background: #fff;\n    cursor: pointer;\n    transition: background 550ms;\n    will-change: contents;\n}\n.aw-vuln-card-grid>.aw-vuln-card, .aw-vuln-card-grid_gap {\n    width: calc(25% - 0.75rem);\n\t\/* padding:20px; *\/\n\tpadding: 0;\n} \n.aw-vuln-article-card_content {\n    color: #333;\n    width: 100%;\n    -webkit-flex-grow: 1;\n    flex-grow: 1;\n}\n\/* .aw-vuln-article-card_footer{padding-top:35px;} *\/\n.aw-vuln-article-card_content {padding: 20px 20px 35px 20px;}\n.aw-vuln-article-card_footer{padding: 0 20px 20px 20px;}\n.aw-vuln-article-card_content time,\n.aw-vuln-article-card_content .vuln-name-subhead{\n    display: block;\n    margin-bottom: 0px;\n\ttext-transform: uppercase;\n}\na.aw-vuln-article-card_content.wrapper,\na.lozenge.lozenge__category{\n    color: #333;\n\ttransition: color 150ms;\n}\nh2.aw-vuln-card-title {\n    font-weight: 900;\n    font-size: 1.3rem;\n    line-height: 1.4em;\n    margin-bottom: 0.5em;\n    max-width: 40rem;\n}\ntime.time,\nspan.vuln-name-subhead{\n    font-size: 12px;\n    font-weight: 900;\n\tletter-spacing: 1px;\n}\n.lozenge, button.lozenge {\n    display: inline-block;\n    padding: 4px 0.7rem;\n    background: #f4f4f4;\n    border-radius: 999px;\n    font-size: .9rem;\n    font-weight: 400;\n    color: #333;\n    line-height: 1.2;\n    transition: background 150ms,color 150ms;\n    vertical-align: middle;\n    -webkit-font-feature-settings: 'lnum';\n    -moz-font-feature-settings: 'lnum';\n    font-feature-settings: 'lnum';\n    text-transform: none;\n    border: none !important;\n    letter-spacing: 0px;\n    font-weight: 700;\n    font-size: .8rem;\n}\n.lozenge__category, button.lozenge__category {\n    font-weight: 700;\n    font-size: .8rem;\n}\n.lozenge-list .lozenge {\n    margin: 0.5rem 0.5rem 0 0;\n    vertical-align: top;\n}\n\/*Criticality*\/\nh6.aw-criticality-score-wrap {\n    font-weight: 900;\n    font-family: 'Encode Sans', sans-serif;\n    color: #e4e4e4;\n\tposition: relative;\n}\n.rating-critical span.aw-criticality-score {\n    color: #ea3838;\n}\n.rating-high span.aw-criticality-score {\n    color: #ff8000;\n}\n.rating-medium span.aw-criticality-score {\n    color: #ffbc10;\n}\nh6.aw-criticality-score-wrap {\n    float: right;\n    margin-top: -10px;\n}\n.rating-top-ten h6.aw-criticality-score-wrap:after {\n    content: \"Top 10\";\n    display: block;\n    position: absolute;\n    right: 0px;\n    color: #333;\n    text-transform: uppercase;\n    font-size: 10px;\n    bottom: -25px;\n    border-top: 1px solid #ddd;\n\ttransition: all .2s linear;\n}\n\t\n\/*Card Hover States*\/\n.aw-vuln-article-card:hover {\n        background-color: #00244c;\n    background-image: linear-gradient(0deg, #0066FF90 0%, transparent 64%);\n    transition: all 450ms;\n\tcursor: pointer !important;\n}\n.aw-vuln-article-card:hover a.aw-vuln-article-card_content.wrapper {\n    color: #fff;\n}\n.aw-vuln-article-card:hover a.lozenge.lozenge__category,\n.aw-vuln-article-card:hover button.lozenge.lozenge__category {\n    background-color: rgba(255,255,255,.10);\n    color: #fff;\n}\n.aw-vuln-article-card:hover h6.aw-criticality-score-wrap {\n    color:#ffffff20;\n}\n.rating-top-ten.aw-vuln-article-card:hover h6.aw-criticality-score-wrap:after {\n    color: #fff;\n    border-top: 1px solid #ffffff20;\n}\n.aw-vuln-article-card:hover a.lozenge.lozenge__category:hover,\n.aw-vuln-article-card:hover button.lozenge.lozenge__category:hover{\n    background-color: #fff;\n    color: #00244c;\n}\n\t\n\/*end hover states*\/\n\n\n  \/* No Results *\/\nsection.no-results {\n   text-align: center;\n   padding: 50px 25px;\n   border: 1px solid #d5d5d5;\n}\n.no-results .elementor-heading-title {\n   text-transform: uppercase;\n   font-size: 20px;\n   margin-bottom: 30px;\n}\nbutton.no-results-button {\n   background-color: #000;\n   border: none;\n}\nbutton.no-results-button:hover {\n   background-color: #1c1c1c;\n}\n.results-btn {\n    width: 100%;\n    max-width: 250px;\n    cursor: pointer;\n    z-index: 999999;\n    position: fixed;\n    bottom: 90px;\n    left: 50%;\n    margin-left: 75px;\n    text-align: center;\n    border-radius: 100px;\n    border: 1px solid #e1e1e1;\n    transition: transform .5s;\n    font-family: 'Lato', Arial, sans-serif;\n    display: inline-block;\n    padding: 19px 30px 19px 30px !important;\n    color: white;\n    border: 0 !important;\n    box-shadow: 0 2px 9px rgba(0,0,0,0.25);\n    background-color: #ff730f;\n    background-image: linear-gradient(to right, #ff9933, #ef4900, #ef4900, #ff9933) !important;\n    background-size: 300% 100%;\n}\n.results-btn:hover{\n   transform:scale(1.06);\n\tbackground-position: 100% 0 !important;\n    box-shadow: 0 5px 18px rgb(0 0 0 \/ 30%);\n}\n.results-found-arrow {\n   margin-right: 10px;\n   font-size: 13px;\n   top: -1px;\n   position: relative;\n}\n.results-btn.hide {display:none;}\t \n\n\/* end no results styles *\/\n  \n  \n  \n    \n\/*SIDEBAR FILTER STYLES*\/\n\n\/* Accordion styles *\/\n.aw-filters-tabs {\n  overflow: hidden;\n}\n\n.aw-filters-tab {\n  width: 100%;\n  color: white;\n  overflow: hidden;\n  border-bottom:1px solid #ffffff;\n}\n.aw-filters-tab-label {\n    display: block;\n    \/* justify-content: center; *\/\n    padding: 1em;\n    font-weight: bold;\n    cursor: pointer;\n    text-transform: uppercase;\n    font-size: 12px;\n    font-weight: 400;\n    letter-spacing: 2px;\n}\n.aw-filters-tab-label:hover {\n}\n.aw-filters-tab-label::after {\n    content: \"\u276f\";\n    width: 1em;\n    height: 1em;\n    text-align: right;\n    transition: all 0.35s;\n    float: right;\n}\n.aw-filters-tab-content {\n  max-height: 0;\n  padding: 0 1em;\n  color: #ffffff;\n  transition: all 0.35s;\n}\n.aw-filters-tab .fa-accordion-icon {\n    margin-right: 10px;\n}\n\ninput.faux-input{position: absolute;\nopacity: 0;\nz-index: -1;}\ninput.faux-input:checked + .aw-filters-tab-label {\n  background: #00000022;\n}\ninput.faux-input:checked + .aw-filters-tab-label::after {\n  transform: rotate(90deg);\n}\ninput.faux-input:checked ~ .aw-filters-tab-content {\n  max-height: 100vh;\n  padding: 1em;\n}\n\n \/* The radio btn *\/\n .radio-input { \n position: absolute;\n visibility: hidden;\n}\n\n.radio-label {\n cursor: pointer;\n display: block;  \n height: 1.625rem;\n line-height: 1.625rem;\n margin-right: 1rem;\n margin-bottom:10px;\n position: relative;\n vertical-align: top;\n color:#fff;\n \n}\n\n.radio-label:before {\n background-color: #eeeeee;\n border-radius: .8rem;\n content: \"\";  \n display: inline-block;\n height: 1.6rem;\n margin-right: .4rem;\n width: 1.6rem;  \n vertical-align: top;\n}  \n.radio-label:hover:before {\n background-color: #cccccc;\n border: .1rem solid #aaa;\n border-radius: .8rem;\n content: \"\";  \n display: inline-block;\n height: 1.6rem;\n margin-right: .4rem;\n width: 1.6rem;  \n vertical-align: top;\n} \ninput[type=radio]:checked + label:before{background-color:#ff730f;background: -webkit-linear-gradient(45deg, #ff9933, #ff3800 100%);}\n\ninput[type=radio]:checked + label:after {\n    background: #fff;\n    border-radius: 0.5rem;\n    content: '';\n    height: 0.7rem;\n    left: 0.45rem;\n    position: absolute;\n    top: 0.45rem;\n    width: 0.7rem;\n}\n \n  \/* The checkbox *\/\n.checkbox {\n display: block;\n position: relative;\n padding-left: 35px;\n margin-bottom: 10px;\n margin-top: 5px;\n cursor: pointer;\n -webkit-user-select: none;\n -moz-user-select: none;\n -ms-user-select: none;\n user-select: none;color:#fff;\n}\n\n\/* Hide the browser's default checkbox *\/\n.checkbox input {\n position: absolute;\n opacity: 0;\n cursor: pointer;\n height: 0;\n width: 0;\n}\n\n\/* Create a custom checkbox *\/\n.checkmark {\n position: absolute;\n top: 0;\n left: 0;\n height: 25px;\n width: 25px;\n background-color: #eee;\n}\n\n\/* On mouse-over, add a grey background color *\/\n.checkbox:hover input ~ .checkmark {\n background-color: #cccccc;\n}\n\n\/* When the checkbox is checked, add a blue background *\/\n.checkbox input:checked ~ .checkmark {\n    background-color: #ff730f;\n    background: -webkit-linear-gradient(45deg, #ff9933, #ff3800 100%);\n}\n\n\/* Create the checkmark\/indicator (hidden when not checked) *\/\n.checkmark:after {\n content: \"\";\n position: absolute;\n display: none;\n}\n\n\/* Show the checkmark when checked *\/\n.checkbox input:checked ~ .checkmark:after {\n display: block;\n}\n\n\/* Style the checkmark\/indicator *\/\n.checkbox .checkmark:after {\n left: 10px;\n top: 7px;\n width: 5px;\n height: 10px;\n border: solid white;\n border-width: 0 3px 3px 0;\n -webkit-transform: rotate(45deg);\n -ms-transform: rotate(45deg);\n transform: rotate(45deg);\n}\n.blog-box-title{margin:auto;}\n\/*END OFF CANVAS STYLES *\/\n\n\n\/* @MEDIA QUERIES *\/\n\n@media (min-width:1025px){\n    \t.boxes-pull-right{\n    position: relative; right:-10%;}\n}\n@media (max-width:1500px){\n\t.aw-vuln-card-grid>.aw-vuln-card, .aw-vuln-card-grid_gap {width: calc(33% - 0.75rem);}\n\t.hide-tablet{display: none;}\n}\n@media (max-width:1167px){\n\t.aw-vuln-card-grid>.aw-vuln-card, .aw-vuln-card-grid_gap {width: calc(50% - 0.75rem);}\n}\n @media (max-width:1024px){\n.results-btn {\n    bottom: 35px;\n    max-width: 210px;\n    left: 50%;\n    border-radius: 5px;\n    line-height: 18px;\n    padding: 15px 10px;\n    margin-left: initial;\n}\n.aw-table-source a{display:block;}\n.aw-table-source-spacer{display: none;}\n}\n@media (max-width:860px){\n\t.aw-vuln-card-grid>.aw-vuln-card, .aw-vuln-card-grid_gap {width: calc(100% - 0.75rem);}\n}\n\t\n\t\n@media (max-width:767px){\n\t\tsection.demo-request-shapes:before,\n\t\tsection.demo-request-shapes:after {display: none;}\n\t\t.filters-navy-mobile{background-color: #00244c;}\n\t\t.aw-vuln-item-content-info {display: block;}\n\t\t.aw-vuln-col-score,\n\t\t.aw-vuln-col-rating,\n\t\t.aw-vuln-col-patch {width: 100%;text-align: center;}\n\t\t.aw-vuln-col-rating {\n              border-top: 1px solid #ffffff;\n              margin-top: 10px;\n              padding-top: 10px;\n              margin-bottom: 10px;\n              padding-bottom: 10px;\n              border-bottom: 1px solid #ffffff;\n          }\n\t\th3.aw-vuln-canvas-title {font-size: 28px;line-height: 36px;}\n\t\th4.aw-vuln-canvas-title-description{font-size: 18px;}\n\t\t.aw-vuln-canvas-content-main {padding: 40px 20px 20px 20px;}\n\t\t.mfp-zoom-in.mfp-ready .eael-lightbox-popup-window{padding-top:50px;padding-bottom:50px;}\n\t\t.eael-lightbox-popup-window button.mfp-close:not(.toggle){top:58px;}\n\t.results-btn{margin-left:-105px;}\n\t.mfp-wrap {left: inherit;}\n\t.eael-lightbox-popup-window{max-width:98%;}\n}\n\n\n@media (max-width:639px){\n#leadership-nav a{font-size:12px;}\n#leadership-nav li {margin-right: 20px;}\n.eael-lightbox-popup-window{max-width:98%;}\n.aw-filters-tab-content{overflow: hidden;}\n.aw-filters-reset{opacity: .2;margin-bottom:-15px;}\n.aw-vuln-canvas-content-top{padding-left:15px;padding-right:15px;\n}\n.aw-filters-reset.aw-filters-placement_grid{color:#00244c;}\n}\n@media (max-width:400px){\n\n#leadership-nav a{font-size:11px;}\n#leadership-nav li {margin-right: 10px;}\n    }\n\n.aw-vuln-canvas-content-main {\n    background: white;\n}\n    \n<\/style>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1e1acf09 elementor-widget elementor-widget-eael-lightbox\" data-id=\"1e1acf09\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"eael-lightbox.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\n\n\t\t<div data-lightbox-type=\"lightbox_type_custom_html\" data-lightbox-type-url=\"\" data-lightbox-trigger-pageload=\"1\" class=\"eael-lightbox-wrapper\" data-trigger=\"eael_lightbox_trigger_external\" data-lightbox-id=\"lightbox_6a031f7ae08f4\" data-type=\"inline\" data-src=\"#eael-lightbox-window-6a031f7ae08f4\" data-popup-layout=\"eael-lightbox-popup-fullscreen\" data-main-class=\"eael-lightbox-modal-popup-1e1acf09\" data-close_button=\"yes\" data-esc_exit=\"yes\" data-click_exit=\"yes\" data-effect=\"animated mfp-zoom-in\" data-trigger-element=\".open-popup\">\n\t\t\t<div class=\"eael-lightbox-btn\">\n\t\t\t\t\t\t\t<\/div><!-- close .eael-lightbox-btn -->\n\t\t<\/div>\n\n\t\t<div class=\"eael-lightbox-popup-window eael-lightbox-popup-window-1e1acf09 lightbox_type_custom_html\" id=\"eael-lightbox-window-6a031f7ae08f4\">\n\t\t\t<div class=\"eael-lightbox-container\">\n\t\t\t\tMODAL HTML\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-104a712 aw-vuln-display-flexer elementor-widget elementor-widget-html\" data-id=\"104a712\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t <div class=\"aw-vuln-article-grid_content aw-vuln-card-grid\"><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-ivanti rating-critical priv-authenticated type-rce  rating-top-ten data-score-91\" data-score=\"9.1\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(1)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.1<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-21887<\/h2><p>A rough start to the year: The exploit chain involving CVE-2024-21887 and CVE-2023-46805 became one of the most widely exploited vulnerabilities of 2024. Approximately 2,000 Ivanti VPN devices were compromised across various industry verticals.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-authenticated')\">Authenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-rce')\">RCE<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical');\">Critical<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-ivanti');\">Ivanti<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_1\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-21887<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A rough start to the year: The exploit chain involving CVE-2024-21887 and CVE-2023-46805 became one of the most widely exploited vulnerabilities of 2024. Approximately 2,000 Ivanti VPN devices were compromised across various industry verticals.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.1<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/forums.ivanti.com\/s\/article\/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-21887 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A critical vulnerability in the web component of Ivanti Connect Secure (versions 9.x and 22.x) and Ivanti Policy Secure could allow an authenticated threat actor to send specially crafted requests and execute arbitrary commands on a vulnerable appliance. The flaw was chained with CVE-2023-46805 during the period of exploitation. Although the activity was disclosed at the start of January, patches were not available for several weeks, leaving many devices worldwide exposed. The attacks, which targeted Ivanti VPN devices, began in December 2023 but peaked in January, compromising approximately 2,000 devices across various industry verticals. Notably, CISA warned that even after factory resets, compromised Ivanti devices could remain vulnerable to further exploitation.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Could allow an authenticated threat actor to send specially crafted requests and execute arbitrary commands on a vulnerable Ivanti VPN device.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">The attacks, which began in December 2023 and peaked in January 2024, targeted Ivanti VPN devices, compromising approximately 2,000 devices across various industry verticals. Even after factory resets, CISA warned that compromised devices remained vulnerable to further exploitation.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-11\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"11\" aria-controls=\"elementor-tab-content-20211\" onclick=\"accordion_toggle('elementor-tab-content-20211 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-20211\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-11\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cve-2024-21887-cve-2023-46805\/\" target=\"_blank\">CVE-2024-21887 and CVE-2023-46805: Actively Exploited Vulnerabilities in Ivanti Secure Products Chained Together to Achieve Unauthenticated RCE<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-ivanti rating-high priv-unauthenticated type-authentication-bypass  rating-top-ten data-score-82\" data-score=\"8.2\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(2)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">8.2<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2023-46805<\/h2><p>A rough start to the year: The exploit chain involving CVE-2024-21887 and CVE-2023-46805 became one of the most widely exploited vulnerabilities of 2024. The attacks, which targeted Ivanti VPN devices, began in December 2023 but peaked in January, compromising approximately 2,000 devices across various industry verticals.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-authentication-bypass')\">Authentication Bypass<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-ivanti');\">Ivanti<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_2\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2023-46805<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A rough start to the year: The exploit chain involving CVE-2024-21887 and CVE-2023-46805 became one of the most widely exploited vulnerabilities of 2024. The attacks, which targeted Ivanti VPN devices, began in December 2023 but peaked in January, compromising approximately 2,000 devices across various industry verticals.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">8.2<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/forums.ivanti.com\/s\/article\/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2023-46805 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x, and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. The flaw was chained with CVE-2024-21887 during the period of exploitation. Although the activity was disclosed at the start of January, patches were not available for several weeks, leaving many devices worldwide exposed. The attacks, which targeted Ivanti VPN devices, began in December 2023 but peaked in January, compromising approximately 2,000 devices across various industry verticals. Notably, CISA warned that even after factory resets, compromised Ivanti devices could remain vulnerable to further exploitation.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Could allow a remote threat actor to access the vulnerable Ivanti VPN device by bypassing control checks.  <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">The attacks, which began in December 2023 and peaked in January 2024, targeted Ivanti VPN devices, compromising approximately 2,000 devices across various industry verticals. Even after factory resets, CISA warned that compromised devices remained vulnerable to further exploitation.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-12\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"12\" aria-controls=\"elementor-tab-content-20212\" onclick=\"accordion_toggle('elementor-tab-content-20212 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-20212\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-12\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cve-2024-21887-cve-2023-46805\/\" target=\"_blank\">CVE-2024-21887 and CVE-2023-46805: Actively Exploited Vulnerabilities in Ivanti Secure Products Chained Together to Achieve Unauthenticated RCE<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-connectwise rating-critical priv- type-authentication-bypass-rce  rating-top-ten data-score-10\" data-score=\"10\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(3)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">10<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-1709<\/h2><p>The first instance of ScreenConnect vulnerabilities being exploited in the wild. This maximum-severity flaw chained with CVE-2024-1708 allowed ransomware groups to target vulnerable ScreenConnect instances.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-authentication-bypass-rce')\">Authentication Bypass\/RCE<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical');\">Critical<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-connectwise');\">ConnectWise<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_3\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-1709<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">The first instance of ScreenConnect vulnerabilities being exploited in the wild. This maximum-severity flaw chained with CVE-2024-1708 allowed ransomware groups to target vulnerable ScreenConnect instances.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">10<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/www.connectwise.com\/company\/trust\/security-bulletins\/connectwise-screenconnect-23.9.8\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-1709 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A maximum-severity authentication bypass vulnerability that allows a remote attacker with network access create new administrator-level accounts on affected devices, which could lead to remote code execution. This vulnerability was observed chained with CVE-2024-1708. Although threat actors have historically used ScreenConnect itself as a tool, this exploitation marked the first instance of vulnerabilities in ScreenConnect being reported as exploited in the wild. Shortly after disclosure, several proof-of-concept exploits were publicly released, and exploitation was found to be trivial. Black Basta and Bl00dy ransomware groups were reported to have exploited the vulnerability.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A remote attacker with network access could exploit this vulnerability to create new administrator-level accounts on affected devices, potentially leading to remote code execution.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Arctic Wolf observed several instances of exploitation in customer environments shortly after proof-of-concept exploits were made available. Black Basta and Bl00dy ransomware groups were reported to have exploited the vulnerability.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-13\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"13\" aria-controls=\"elementor-tab-content-20213\" onclick=\"accordion_toggle('elementor-tab-content-20213 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-20213\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-13\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog-uk\/cve-2024-1709-cve-2024-1708-follow-up-active-exploitation-and-pocs-observed-for-critical-screenconnect-vulnerabilities-uk\/\" target=\"_blank\">CVE-2024-1709 & CVE-2024-1708: Follow-Up: Active Exploitation and PoCs Observed for Critical ScreenConnect Vulnerabilities<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-connectwise rating-high priv- type-path-traversal-rce  rating-top-ten data-score-84\" data-score=\"8.4\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(4)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">8.4<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-1708<\/h2><p>The first instance of ScreenConnect vulnerabilities being exploited in the wild. This vulnerability chained with the maximum-severity flaw CVE-2024-1709 allowed ransomware groups to target vulnerable ScreenConnect instances.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-path-traversal-rce')\">Path Traversal\/RCE<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-connectwise');\">ConnectWise<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_4\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-1708<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">The first instance of ScreenConnect vulnerabilities being exploited in the wild. This vulnerability chained with the maximum-severity flaw CVE-2024-1709 allowed ransomware groups to target vulnerable ScreenConnect instances.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">8.4<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/www.connectwise.com\/company\/trust\/security-bulletins\/connectwise-screenconnect-23.9.8\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-1708 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity path traversal vulnerability that allows a remote attacker to execute remote code. This vulnerability was observed chained with CVE-2024-1708. Although threat actors have historically used ScreenConnect itself as a tool, this exploitation marked the first instance of vulnerabilities in ScreenConnect being reported as exploited in the wild. Shortly after disclosure, several proof-of-concept exploits were publicly released, with exploitation found to be trivial. Black Basta and Bl00dy ransomware groups were reported to have exploited the vulnerability.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity path traversal vulnerability that allows a remote attacker to execute remote code. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Arctic Wolf observed several instances of exploitation in customer environments shortly after proof-of-concept exploits were made available. Black Basta and Bl00dy ransomware groups were reported to have exploited the vulnerability.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-14\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"14\" aria-controls=\"elementor-tab-content-20214\" onclick=\"accordion_toggle('elementor-tab-content-20214 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-20214\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-14\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog-uk\/cve-2024-1709-cve-2024-1708-follow-up-active-exploitation-and-pocs-observed-for-critical-screenconnect-vulnerabilities-uk\/\" target=\"_blank\">CVE-2024-1709 & CVE-2024-1708: Follow-Up: Active Exploitation and PoCs Observed for Critical ScreenConnect Vulnerabilities<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-palo-alto-networks rating-critical priv-unauthenticated type-rce  rating-top-ten data-score-10\" data-score=\"10\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(5)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">10<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-3400<\/h2><p>Exploited by threat actors as a zero-day vulnerability to implant backdoors on firewall devices. <\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-rce')\">RCE<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical');\">Critical<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-palo-alto-networks');\">Palo Alto Networks<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_5\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-3400<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">Exploited by threat actors as a zero-day vulnerability to implant backdoors on firewall devices. <\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">10<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/security.paloaltonetworks.com\/CVE-2024-3400\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-3400 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A maximum-severity command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall. Several vendors reported that threat actors exploited this vulnerability as a zero-day to implant a custom Python-based backdoor on firewall devices. This allowed the threat actors to download additional tools to compromised devices to gain deeper access into victims\u2019 networks which allowed the extraction of sensitive credentials and files. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A maximum severity command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Several vendors reported that threat actors exploited this vulnerability as a zero-day to implant a custom Python backdoor on firewall devices. Arctic Wolf also observed instances of exploitation in customer environments. <\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-15\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"15\" aria-controls=\"elementor-tab-content-20215\" onclick=\"accordion_toggle('elementor-tab-content-20215 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-20215\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-15\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cve-2024-3400-follow-up-patches-released-for-actively-exploited-critical-vulnerability-in-globalprotect-feature-of-pan-os\/\" target=\"_blank\">CVE-2024-3400: Follow Up: Patches Released for Actively Exploited Critical Vulnerability in GlobalProtect Feature of PAN-OS<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-sonicwall rating-critical priv- type-improper-access-control  rating-top-ten data-score-98\" data-score=\"9.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(6)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-40766<\/h2><p>A critical vulnerability in SonicWall Firewalls allows unauthorised access and crash under specific conditions. Exploited in Fog and Akira ransomware attacks.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-improper-access-control')\">Improper Access Control<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical');\">Critical<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-sonicwall');\">SonicWall<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_6\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-40766<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A critical vulnerability in SonicWall Firewalls allows unauthorised access and crash under specific conditions. Exploited in Fog and Akira ransomware attacks.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/psirt.global.sonicwall.com\/vuln-detail\/SNWLID-2024-0015\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-40766 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A critical-severity vulnerability impacting several SonicWall Firewall models allows unauthorised resource access and, under specific conditions, causes the firewall to crash. Arctic Wolf observed suspected use of this vulnerability in Fog and Akira ransomware intrusions across customer environments in various industries since early August. Initial access to victim environments involved the use of SonicWall SSL VPN accounts.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A critical-severity vulnerability that allows unauthorised resource access and, under specific conditions, causes affected SonicWall Firewalls to crash.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Arctic Wolf observed suspected use of this vulnerability in Fog and Akira ransomware intrusions across customer environments in various industries since early August. Initial access to victim environments involved the use of SonicWall SSL VPN accounts.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-16\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"16\" aria-controls=\"elementor-tab-content-20216\" onclick=\"accordion_toggle('elementor-tab-content-20216 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-20216\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-16\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/arctic-wolf-observes-akira-ransomware-campaign-targeting-sonicwall-sslvpn-accounts\/\" target=\"_blank\">Arctic Wolf Observes Akira Ransomware Campaign Targeting SonicWall SSLVPN Accounts<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-fortinet rating-critical  priv-unauthenticated type-missing-authentication  rating-top-ten data-score-98\" data-score=\"9.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(7)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-47575<\/h2><p>Also known as FortiJump, a critical-severity zero-day vulnerability lets attackers execute commands on vulnerable FortiManager devices, exploited since June 2024.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-missing-authentication')\">Missing Authentication<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical ');\">Critical <\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-fortinet');\">Fortinet<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_7\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-47575<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">Also known as FortiJump, a critical-severity zero-day vulnerability lets attackers execute commands on vulnerable FortiManager devices, exploited since June 2024.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical <\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/www.fortiguard.com\/psirt\/FG-IR-24-423\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-47575 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A critical-severity zero-day vulnerability, also known as \"FortiJump,\" disclosed in October allows a threat actor to use an unauthorised FortiManager device to execute arbitrary code and\/or commands against vulnerable FortiManager devices. Fortinet had privately contacted some customers before the official public disclosure. This vulnerability ended up being exploited on at least 50 FortiManager devices across several industries, with exploitation observed in the wild as early as June.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A threat actor could exploit this zero-day vulnerability to use an unauthorised FortiManager device to execute arbitrary code and\/or commands on vulnerable FortiManager devices.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">At least 50 FortiManager devices across various industries globally were exploited. The vulnerability was exploited in the wild as early as June 2024.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-17\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"17\" aria-controls=\"elementor-tab-content-20217\" onclick=\"accordion_toggle('elementor-tab-content-20217 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-20217\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-17\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cve-2024-47575\/\" target=\"_blank\">CVE-2024-47575: Critical Vulnerability in FortiNet FortiManager Under Active Exploitation<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-palo-alto-networks rating-critical  priv-unauthenticated type-rce  rating-top-ten data-score-98\" data-score=\"9.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(8)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-0012<\/h2><p>In November, attackers exploited internet-exposed firewall management interfaces using a critical unauthenticated remote code execution vulnerability, chained with CVE-2024-9474. Proof of concept (PoC) exploits triggered immediate, widespread attacks.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-rce')\">RCE<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical ');\">Critical <\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-palo-alto-networks');\">Palo Alto Networks<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_8\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-0012<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">In November, attackers exploited internet-exposed firewall management interfaces using a critical unauthenticated remote code execution vulnerability, chained with CVE-2024-9474. Proof of concept (PoC) exploits triggered immediate, widespread attacks.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical <\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/security.paloaltonetworks.com\/CVE-2024-0012\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-0012 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">In November, Palo Alto Networks revealed a critical unauthenticated remote code execution vulnerability being exploited against internet-exposed firewall management interfaces, chained with CVE-2024-9474. The situation escalated quickly, as proof of concept (PoC) exploit code was made publicly available shortly after the initial disclosure, leading to immediate exploitation by threat actors. Arctic Wolf observed suspected activity where PoC exploits were directly copied, with the name of the vendor who published the PoC still visible. Exploitation spread rapidly, with several vendors reporting similar activity.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code on internet-exposed firewall management interfaces. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Evidence was revealed that exploits were directly copied from publicly available PoC code, with the name of the vendor who published the PoC still visible. Upon being published, the PoC exploits led to immediate widespread attacks. Several vendors observed similar activity.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-18\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"18\" aria-controls=\"elementor-tab-content-20218\" onclick=\"accordion_toggle('elementor-tab-content-20218 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-20218\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-18\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/follow-up-cve-2024-0012-cve-2024-9474\/\" target=\"_blank\">Follow-Up: Arctic Wolf Observes Ongoing Exploitation of Critical Palo Alto Networks Vulnerability CVE-2024-0012 Chained with CVE-2024-9474<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-palo-alto-networks rating-high priv-authenticated type-privilege-escalation  rating-top-ten data-score-72\" data-score=\"7.2\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(9)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">7.2<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-9474<\/h2><p>In November, attackers exploited internet-exposed firewall management interfaces using a critical unauthenticated remote code execution vulnerability, chained with CVE-2024-0012. Proof of concept (PoC) exploits triggered immediate, widespread attacks.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-authenticated')\">Authenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-privilege-escalation')\">Privilege Escalation<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-palo-alto-networks');\">Palo Alto Networks<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_9\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-9474<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">In November, attackers exploited internet-exposed firewall management interfaces using a critical unauthenticated remote code execution vulnerability, chained with CVE-2024-0012. Proof of concept (PoC) exploits triggered immediate, widespread attacks.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">7.2<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/security.paloaltonetworks.com\/CVE-2024-9474\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-9474 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">In November, Palo Alto Networks revealed a privilege escalation vulnerability that can be chained with CVE-2024-0012. Shortly after disclosure, proof-of-concept (PoC) exploit code was publicly released, leading to immediate exploitation by threat actors. Arctic Wolf observed PoC exploits directly copied from the vendor that published them. Several vendors reported similar activity. While CVE-2024-9474 is less severe, chaining it with CVE-2024-0012 allows threat actors to bypass authentication, gain administrator access to the management web interface, and escalate privileges to perform root-level actions on the firewall.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A threat actor can chain this vulnerability with CVE-2024-0012 allows threat actors to bypass authentication, gain administrator access to the management web interface, and escalate privileges to perform root-level actions on the firewall.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Evidence was revealed that exploits were directly copied from publicly available PoC code, with the name of the vendor who published the PoC still visible. Upon being published, the PoC exploits led to immediate widespread attacks. Several vendors observed similar activity.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-19\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"19\" aria-controls=\"elementor-tab-content-20219\" onclick=\"accordion_toggle('elementor-tab-content-20219 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-20219\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-19\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/follow-up-cve-2024-0012-cve-2024-9474\/\" target=\"_blank\">Follow-Up: Arctic Wolf Observes Ongoing Exploitation of Critical Palo Alto Networks Vulnerability CVE-2024-0012 Chained with CVE-2024-9474<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-cleo rating-critical  priv- type-rce  rating-top-ten data-score-98\" data-score=\"9.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(10)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-50623<\/h2><p>In early December, an insufficient patch for CVE-2024-50623, initially addressed in October, was exploited. The Cl0p ransomware group claimed responsibility, extorting at least 66 victims as of the time of writing.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-rce')\">RCE<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical ');\">Critical <\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-cleo');\">Cleo<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_10\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-50623<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">In early December, an insufficient patch for CVE-2024-50623, initially addressed in October, was exploited. The Cl0p ransomware group claimed responsibility, extorting at least 66 victims as of the time of writing.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical <\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/support.cleo.com\/hc\/en-us\/articles\/27140294267799-Cleo-Product-Security-Advisory-CVE-2024-50623\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-50623 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">In early December, Arctic Wolf began observing a novel campaign exploiting Cleo Managed File Transfer (MFT) products across several customer environments. This vulnerability allows remote threat actors to upload and download files to a Cleo MFT product instance, which could lead to remote code execution. Multiple security vendors published observations suggesting the activity stemmed from an insufficient patch for CVE-2024-50623, which was initially addressed in October. The exploitation became widespread, and weeks later, the Cl0p ransomware group claimed responsibility. As of the time of writing, they have extorted at least 66 victims.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">This vulnerability allows remote threat actors to upload and download files to a Cleo MFT product instance, which could lead to remote code execution.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">The exploitation became widespread, and weeks later, the Cl0p ransomware group claimed responsibility. As of the time of writing, they have extorted at least 66 victims.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-110\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"110\" aria-controls=\"elementor-tab-content-202110\" onclick=\"accordion_toggle('elementor-tab-content-202110 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202110\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-110\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cleo-releases-patches-for-cleo-mft-zero-day-vulnerability\/\" target=\"_blank\">Cleo Releases Patches for Cleo MFT Zero-day Vulnerability<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-beyondtrust rating-critical priv-unauthenticated type-command-injection   data-score-98\" data-score=\"9.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(11)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-12356<\/h2><p>A command injection vulnerability that allows an unauthenticated attacker to inject commands executed as the site user. It was discovered by BeyondTrust during their investigation into the U.S. Treasury breach in December.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-command-injection')\">Command Injection<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical');\">Critical<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-beyondtrust');\">BeyondTrust<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_11\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-12356<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A command injection vulnerability that allows an unauthenticated attacker to inject commands executed as the site user. It was discovered by BeyondTrust during their investigation into the U.S. Treasury breach in December.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/www.beyondtrust.com\/trust-center\/security-advisories\/bt24-10\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-12356 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A vulnerability in BeyondTrust, impacting its Remote Support (RS) and Privileged Remote Access (PRA) software, was disclosed in December. The flaw, CVE-2024-12356, is a command injection vulnerability with a critical severity rating. If successfully exploited, it allows an unauthenticated remote threat actor to execute operating system commands within the context of the site user. This vulnerability was discovered by BeyondTrust during their investigation into the U.S. Treasury breach. However, there is no evidence to suggest this vulnerability was specifically used in that incident. It was later reported by CISA as exploited in the wild shortly after disclosure.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">If successfully exploited, this vulnerability allows an unauthenticated remote threat actor to execute operating system commands within the context of the site user. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">BeyondTrust discovered this vulnerability during their investigation into the U.S. Treasury breach in December. However, no evidence suggests this flaw was specifically used in that incident. Shortly after its disclosure, CISA announced that the vulnerbaility has been exploited in the wild. <\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-111\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"111\" aria-controls=\"elementor-tab-content-202111\" onclick=\"accordion_toggle('elementor-tab-content-202111 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202111\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-111\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cve-2024-12356\/\" target=\"_blank\">CVE-2024-12356: Critical Severity Command Injection Vulnerability in BeyondTrust Remote Support (RS) & Privileged Remote Access (PRA)<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-sciencelogic rating-critical  priv- type-rce   data-score-98\" data-score=\"9.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(12)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-9537<\/h2><p>The vulnerability responsible for the Rackspace Monitoring breach in September 2024. It was a zero-day flaw in a third-party utility that allows remote code execution.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-rce')\">RCE<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical ');\">Critical <\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-sciencelogic');\">ScienceLogic<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_12\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-9537<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">The vulnerability responsible for the Rackspace Monitoring breach in September 2024. It was a zero-day flaw in a third-party utility that allows remote code execution.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical <\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/arcticwolf.com\/resources\/blog\/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility\/\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-9537 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">In September, the managed cloud computing company Rackspace reported a breach tied to their Rackspace Monitoring product, which uses the ScienceLogic SL1 platform. Days later, Rackspace revealed that a threat actor had exploited an undocumented zero-day vulnerability in a third-party utility bundled with SL1. The vulnerability was a remote code execution flaw in a non-ScienceLogic utility. ScienceLogic, informed by Rackspace, developed a patch to remediate the issue and distributed it to all customers. To limit exposure, ScienceLogic has not disclosed the utility's name, as it may be included in other products. Although the vulnerability originated in a third-party utility, CVE-2024-9537 was assigned as ScienceLogic's specific issue. As of the time of writing, the third-party utility has not been publicly identified.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A threat actor can exploit this third-party utility to achieve remote code execution in vulnerable systems. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Leveraged in the Rackspace Monitoring breach. <\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-112\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"112\" aria-controls=\"elementor-tab-content-202112\" onclick=\"accordion_toggle('elementor-tab-content-202112 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202112\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-112\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/rackspace-breach-linked-to-zero-day-vulnerability-sciencelogic-sl1s-third-party-utility\/\" target=\"_blank\">Rackspace Breach Linked to Zero-Day Vulnerability in ScienceLogic SL1\u2019s Third-Party Utility<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-veeam rating-critical  priv-unauthenticated type-deserialization-rce   data-score-98\" data-score=\"9.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(13)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-40711<\/h2><p>A critical deserialisation vulnerability that can lead to remote code execution, leveraged to deploy several ransomware variants, including the first publicly reported instances of \"Frag\" ransomware.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-deserialization-rce')\">Deserialisation\/RCE<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical ');\">Critical <\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-veeam');\">Veeam<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_13\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-40711<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A critical deserialisation vulnerability that can lead to remote code execution, leveraged to deploy several ransomware variants, including the first publicly reported instances of \"Frag\" ransomware.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical <\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/www.veeam.com\/kb4649\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-40711 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">Veeam Backup and Replication contains a critical deserialisation vulnerability that allows an unauthenticated user to perform remote code execution. Threat actors have been observed exploiting this vulnerability to deploy Akira and Fog ransomware. They initially gained access to targeted systems through compromised VPN gateways that lacked multifactor authentication. Additionally, a threat actors exploited this vulnerability to deploy a novel ransomware variant, \"Frag,\".<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Allows unauthenticated threat actor to perform remote code execution via a deserialisation flaw. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Threat actors have been observed exploiting this vulnerability to deploy Akira, Fog, and Frag ransomware.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-113\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"113\" aria-controls=\"elementor-tab-content-202113\" onclick=\"accordion_toggle('elementor-tab-content-202113 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202113\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-113\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/critical-vulnerabilities-patched-in-veeam-products\/\" target=\"_blank\">Critical Vulnerabilities Patched in Veeam Products<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-ivanti rating-critical  priv-unauthenticated type-authentication-bypass   data-score-98\" data-score=\"9.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(14)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-7593<\/h2><p>A critical authentication bypass vulnerability in Ivanti Virtual Traffic Manager (vTM) results from a flaw in vTM\u2019s authentication algorithm. <\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-authentication-bypass')\">Authentication Bypass<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical ');\">Critical <\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-ivanti');\">Ivanti<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_14\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-7593<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A critical authentication bypass vulnerability in Ivanti Virtual Traffic Manager (vTM) results from a flaw in vTM\u2019s authentication algorithm. <\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical <\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/forums.ivanti.com\/s\/article\/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593?language=en_US\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-7593 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A critical authentication bypass vulnerability in Ivanti Virtual Traffic Manager (vTM) results from a flaw in vTM\u2019s authentication algorithm. This allows a remote unauthenticated threat actor to bypass the admin panel in vulnerable vTM instances. At the time of disclosure, Ivanti acknowledged that a proof of concept was publicly available, and the vulnerability was added to CISA\u2019s Known Exploited Vulnerabilities Catalog the following month.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Allows a remote unauthenticated threat actor to bypass the admin panel in vulnerable vTM instances. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">At the time of disclosure, Ivanti acknowledged that a proof of concept was publicly available, and the vulnerability was added to CISA\u2019s Known Exploited Vulnerabilities Catalog the following month.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-114\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"114\" aria-controls=\"elementor-tab-content-202114\" onclick=\"accordion_toggle('elementor-tab-content-202114 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202114\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-114\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cve-2024-7593-cve-2024-7569\/\" target=\"_blank\">CVE-2024-7593 & CVE-2024-7569: Critical Vulnerabilities Impacting Ivanti Virtual Traffic Manager and Neurons for ITSM<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-jetbrains rating-critical  priv- type-authentication-bypass   data-score-98\" data-score=\"9.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(15)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">9.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-27198<\/h2><p>A critical authentication bypass vulnerability in JetBrains TeamCity allows a threat actor to perform admin actions.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-authentication-bypass')\">Authentication Bypass<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-critical ');\">Critical <\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-jetbrains');\">JetBrains<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_15\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-27198<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A critical authentication bypass vulnerability in JetBrains TeamCity allows a threat actor to perform admin actions.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">9.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Critical <\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/blog.jetbrains.com\/teamcity\/2024\/03\/additional-critical-security-issues-affecting-teamcity-on-premises-cve-2024-27198-and-cve-2024-27199-update-to-2023-11-4-now\/\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-27198 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A critical authentication bypass vulnerability in JetBrains TeamCity allows a threat actor to perform admin actions. Threat actors in the wild have been observed leveraging this vulnerability to deploy ransomware, beacons, and cryptocurrency miners.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Allows a threat actor to perform admin actions. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Threat actors in the wild have been observed leveraging this vulnerability to deploy ransomware, beacons, and cryptocurrency miners.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-115\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"115\" aria-controls=\"elementor-tab-content-202115\" onclick=\"accordion_toggle('elementor-tab-content-202115 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202115\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-115\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/2024-27198-and-cve-2024-27199\/\" target=\"_blank\">CVE 2024-27198 and CVE-2024-27199: Authentication Bypass RCE Vulnerabilities Affecting On-Premises Servers of TeamCity<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-microsoft rating-high priv- type-privilege-escalation   data-score-88\" data-score=\"8.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(16)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">8.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-49039<\/h2><p>A high-severity Windows Task Scheduler Elevation of Privilege vulnerability. The Russian nexus threat actor group RomCom leveraged this vulnerability in a chain with a remote code execution flaw in Firefox (CVE-2024-49039) to deploy a backdoors.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-privilege-escalation')\">Privilege Escalation<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-microsoft');\">Microsoft<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_16\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-49039<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A high-severity Windows Task Scheduler Elevation of Privilege vulnerability. The Russian nexus threat actor group RomCom leveraged this vulnerability in a chain with a remote code execution flaw in Firefox (CVE-2024-49039) to deploy a backdoors.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">8.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-49039\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-49039 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity Windows Task Scheduler Elevation of Privilege vulnerability allows threat actors to elevate their privileges to a medium integrity level by running a specially crafted application on the target system. This vulnerability was fixed in Microsoft\u2019s November 2024 Patch Tuesday update. The Russian nexus threat actor group RomCom was behind global attacks in 2024 that leveraged this vulnerability in a chain with a remote code execution flaw in Firefox (CVE-2024-49039) to deploy a backdoor.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Allows threat actors to elevate their privileges to a medium integrity level by running a specially crafted application on the target system. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">The Russian nexus threat actor group RomCom was behind global attacks in 2024 that leveraged this vulnerability in a chain with a remote code execution flaw in Firefox (CVE-2024-49039) to deploy a backdoor.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-116\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"116\" aria-controls=\"elementor-tab-content-202116\" onclick=\"accordion_toggle('elementor-tab-content-202116 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202116\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-116\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/microsoft-patch-tuesday-november-2024\/\" target=\"_blank\">Microsoft Patch Tuesday: November 2024<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-cisco rating-high priv-unauthenticated type-denial-of-service   data-score-86\" data-score=\"8.6\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(17)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">8.6<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-20353<\/h2><p>A high-severity vulnerability impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) that leads to a denial-of-service (DoS) condition. It was leveraged in the \"ArcaneDoor\" campaign, where threat actors targeted perimeter network devices from multiple vendors.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-denial-of-service')\">Denial of Service<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-cisco');\">Cisco<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_17\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-20353<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A high-severity vulnerability impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) that leads to a denial-of-service (DoS) condition. It was leveraged in the \"ArcaneDoor\" campaign, where threat actors targeted perimeter network devices from multiple vendors.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">8.6<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-websrvs-dos-X8gNucD2\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-20353 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity vulnerability impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) allows an unauthenticated, remote attacker to cause a device to reload unexpectedly, leading to a denial-of-service (DoS) condition. Exploited in the first half of 2024 in conjunction with CVE-2024-20359, this vulnerability was part of a campaign called \u201cArcaneDoor,\u201d which focused on espionage and gaining unauthorised access to sensitive information from targeted government entities and organisations in critical infrastructure. Specifically, this vulnerability was used to cause target ASA devices to reboot, triggering the unzipping and installation of the threat actor\u2019s malware.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Allows an unauthenticated, remote attacker to cause a device to reload unexpectedly, leading to a denial-of-service (DoS) condition. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">This vulnerability was part of a campaign called \u201cArcaneDoor,\u201d which focused on espionage and gaining unauthorised access to sensitive information from targeted government entities and organisations in critical infrastructure.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-117\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"117\" aria-controls=\"elementor-tab-content-202117\" onclick=\"accordion_toggle('elementor-tab-content-202117 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202117\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-117\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cve-2024-20353-and-cve-2024-20359\/\" target=\"_blank\">CVE-2024-20353 and CVE-2024-20359: Cisco ASA and FTD Vulnerabilities Exploited by State-Sponsored Threat Actor in Espionage Campaign \u201cArcaneDoor\u201d<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-ivanti rating-high priv-unauthenticated type-server-side-request-forgery   data-score-82\" data-score=\"8.2\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(18)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">8.2<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-21893<\/h2><p>A bypass for the mitigations of the infamous exploit chain impacting Ivanti VPN devices in 2024, which involved CVE-2024-46805 and CVE-2024-21887.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-server-side-request-forgery')\">Server Side Request Forgery<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-ivanti');\">Ivanti<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_18\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-21893<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A bypass for the mitigations of the infamous exploit chain impacting Ivanti VPN devices in 2024, which involved CVE-2024-46805 and CVE-2024-21887.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">8.2<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/forums.ivanti.com\/s\/article\/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-21893 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A server-side request forgery (SSRF) flaw present in the SAML component of Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons allows an unauthenticated threat actor to access restricted resources. Ivanti reported that a limited number of customers have been affected by this vulnerability. It was a bypass for the mitigations of the infamous exploit chain impacting Ivanti VPN devices in 2024, which involved CVE-2024-46805 and CVE-2024-21887.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Allows an unauthenticated threat actor to access restricted resources.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Ivanti reported that a limited number of customers have been affected by this vulnerability.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-118\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"118\" aria-controls=\"elementor-tab-content-202118\" onclick=\"accordion_toggle('elementor-tab-content-202118 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202118\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-118\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cve-2024-21893\/\" target=\"_blank\">CVE-2024-21893: New Ivanti Zero-Day Vulnerability Actively Exploited<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-microsoft rating-high priv- type-privilege-escalation   data-score-78\" data-score=\"7.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(19)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">7.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-38193<\/h2><p>A high-severity zero-day elevation of privilege vulnerability in the Windows Ancillary Function Driver for WinSock that was exploited by the North Korean nexus threat actor group, Lazarus. <\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-privilege-escalation')\">Privilege Escalation<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-microsoft');\">Microsoft<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_19\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-38193<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A high-severity zero-day elevation of privilege vulnerability in the Windows Ancillary Function Driver for WinSock that was exploited by the North Korean nexus threat actor group, Lazarus. <\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">7.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-38193\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-38193 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity zero-day elevation of privilege vulnerability in the Windows Ancillary Function Driver for WinSock allows a local threat actor to gain SYSTEM privileges. This vulnerability was reported to have been exploited by the North Korean nexus threat actor group, Lazarus, in conjunction with the deployment of Fudmodule malware. CVE-2024-38193 was fixed in Microsoft's August 2024 Patch Tuesday Update.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Allows a local threat actor to gain SYSTEM privileges.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Reported to have been exploited by the North Korean nexus threat actor group, Lazarus.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-119\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"119\" aria-controls=\"elementor-tab-content-202119\" onclick=\"accordion_toggle('elementor-tab-content-202119 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202119\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-119\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/microsoft-patch-tuesday-august-2024\/\" target=\"_blank\">Microsoft Patch Tuesday August 2024 Several Critical Vulnerability and Actively Exploited Vulnerabilities<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-microsoft rating-high priv- type-privilege-escalation   data-score-78\" data-score=\"7.8\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(20)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">7.8<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-30051<\/h2><p>A high-severity privilege escalation vulnerability in the Windows DWM Core Library was patched in Microsoft\u2019s May Patch Tuesday update. <\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-privilege-escalation')\">Privilege Escalation<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-microsoft');\">Microsoft<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_20\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-30051<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A high-severity privilege escalation vulnerability in the Windows DWM Core Library was patched in Microsoft\u2019s May Patch Tuesday update. <\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">7.8<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-30051\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-30051 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity privilege escalation vulnerability in the Windows DWM Core Library was patched in Microsoft\u2019s May Patch Tuesday update. This vulnerability allows a local threat actor to escalate privileges. Exploitation in the wild has been observed, with Qakbot and other malware being used.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">This vulnerability allows a local threat actor to escalate privileges. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Exploitation in the wild has been reported, with Qakbot and other malware being used.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-120\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"120\" aria-controls=\"elementor-tab-content-202120\" onclick=\"accordion_toggle('elementor-tab-content-202120 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202120\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-120\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/critical-actively-exploited-vulnerabilities-microsoft-may-2024-patch-tuesday-update\/\" target=\"_blank\">Critical and Actively Exploited Vulnerabilities in Microsoft\u2019s May 2024 Patch Tuesday Update<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-microsoft rating-high priv-unauthenticated type-memory-corruption   data-score-75\" data-score=\"7.5\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(21)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">7.5<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-38178<\/h2><p>A high-severity memory corruption vulnerability in the Windows Scripting Engine exploited as a zero-day by the North Korean nexus threat actor ScarCruft.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-unauthenticated')\">Unauthenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-memory-corruption')\">Memory Corruption<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-microsoft');\">Microsoft<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_21\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-38178<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A high-severity memory corruption vulnerability in the Windows Scripting Engine exploited as a zero-day by the North Korean nexus threat actor ScarCruft.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">7.5<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-38178\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-38178 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity memory corruption vulnerability in the Windows Scripting Engine. An unauthenticated threat actor could exploit this vulnerability to achieve Remote Code Execution (RCE) if the target uses Microsoft Edge in Internet Explorer Mode. Exploitation requires an authenticated user to click a crafted URL. This vulnerability was exploited as a zero-day by the North Korean nexus threat actor ScarCruft, who used it to deliver RokRAT malware. The campaign involved compromising the server of an unmated domestic advertising agency to inject exploit code into advertisement scripts, which were then served to victim machines.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">An unauthenticated threat actor could exploit this vulnerability to achieve Remote Code Execution (RCE) if the target uses Microsoft Edge in Internet Explorer Mode.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">This vulnerability was exploited as a zero-day by the North Korean nexus threat actor ScarCruft, who used it to deliver RokRAT malware. <\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-121\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"121\" aria-controls=\"elementor-tab-content-202121\" onclick=\"accordion_toggle('elementor-tab-content-202121 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202121\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-121\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/microsoft-patch-tuesday-august-2024\/\" target=\"_blank\">Microsoft Patch Tuesday August 2024 Several Critical Vulnerability and Actively Exploited Vulnerabilities<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-microsoft rating-high priv- type-spoofing   data-score-75\" data-score=\"7.5\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(22)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">7.5<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-38112<\/h2><p>A high-severity Windows MSHTML Platform Spoofing Vulnerability exploited as zero-day by the Void Banshee threat actor.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-spoofing')\">Spoofing<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-microsoft');\">Microsoft<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_22\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-38112<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A high-severity Windows MSHTML Platform Spoofing Vulnerability exploited as zero-day by the Void Banshee threat actor.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">7.5<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38112\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-38112 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity Windows MSHTML Platform Spoofing Vulnerability that a remote threat actor can exploit by sending a victim a malicious file, which the victim must execute. CVE-2024-38112 was patched in Microsoft\u2019s July 2024 Patch Tuesday update. This vulnerability was exploited as a zero-day by the Void Banshee threat actor. As part of their campaign, the group used CVE-2024-38112 to infect victim machines with the Atlantida information stealer, targeting North American, European, and Southeast Asian regions.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A remote threat actor can exploit this vulnerability by sending a victim a malicious file that the victim would have to execute. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">This vulnerability was exploited as a zero-day by the Void Banshee threat actor, targeting North American, European, and Southeast Asian regions.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-122\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"122\" aria-controls=\"elementor-tab-content-202122\" onclick=\"accordion_toggle('elementor-tab-content-202122 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202122\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-122\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/critical-vulnerability-actively-exploited-vulnerabilities-microsofts-july-2024-patch-tuesday-update\/\" target=\"_blank\">Critical Vulnerability and Actively Exploited Vulnerabilities in Microsoft\u2019s July 2024 Patch Tuesday Update<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-microsoft rating-high priv- type-privilege-escalation   data-score-7\" data-score=\"7\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(23)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">7<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-38106<\/h2><p>A high-severity elevation of privilege vulnerability in the Windows Kernel. Exploited as a zero-day by the North Korean nexus threat actor Citrine Sleet.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-privilege-escalation')\">Privilege Escalation<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-high');\">High<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-microsoft');\">Microsoft<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_23\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-38106<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A high-severity elevation of privilege vulnerability in the Windows Kernel. Exploited as a zero-day by the North Korean nexus threat actor Citrine Sleet.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">7<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">High<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-38106\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-38106 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A high-severity elevation of privilege vulnerability in the Windows Kernel. A local threat actor can exploit this vulnerability by winning a race condition to obtain SYSTEM privileges. CVE-2024-38106 was exploited by the North Korean nexus threat actor tracked by Microsoft as Citrine Sleet in attacks targeting the cryptocurrency sector.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A local threat actor can exploit this vulnerability by winning a race condition to obtain SYSTEM privileges. <\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Exploited by the North Korean nexus threat actor tracked by Microsoft as Citrine Sleet in attacks targeting the cryptocurrency sector.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-123\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"123\" aria-controls=\"elementor-tab-content-202123\" onclick=\"accordion_toggle('elementor-tab-content-202123 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202123\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-123\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/microsoft-patch-tuesday-august-2024\/\" target=\"_blank\">Microsoft Patch Tuesday August 2024 Several Critical Vulnerability and Actively Exploited Vulnerabilities<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-microsoft rating-medium priv- type-spoofing   data-score-65\" data-score=\"6.5\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(24)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">6.5<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-43451<\/h2><p>A medium-severity NTLM hash disclosure spoofing vulnerability that exposes a user's NTLMv2 hash, enabling an attacker to authenticate as the user. Used as a zero-day vulnerability by a suspected Russian nexus threat actor to target Ukraine.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-spoofing')\">Spoofing<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-medium');\">Medium<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-microsoft');\">Microsoft<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_24\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-43451<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A medium-severity NTLM hash disclosure spoofing vulnerability that exposes a user's NTLMv2 hash, enabling an attacker to authenticate as the user. Used as a zero-day vulnerability by a suspected Russian nexus threat actor to target Ukraine.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">6.5<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Medium<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-43451\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-43451 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A medium-severity NTLM hash disclosure spoofing vulnerability that exposes a user's NTLMv2 hash, enabling an attacker to authenticate as the user. Exploitation requires minimal user interaction, such as single-clicking or right-clicking a malicious file. CVE-2024-38106 was exploited as a zero-day by a suspected Russian nexus threat actor to target Ukraine. The attackers sent phishing emails from a compromised Ukrainian government server, prompting victims to renew their academic certificates. The vulnerability is triggered when the victim interacts with a URL file embedded in the message.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">A threat actor can exploit this to obtain a user's NTLMv2 hash, allowing them to authenticate as the user. Exploitation requires minimal user interaction, such as single-clicking or right-clicking a malicious file.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">Used as a zero-day vulnerability by a suspected Russian nexus threat actor to target Ukraine.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-124\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"124\" aria-controls=\"elementor-tab-content-202124\" onclick=\"accordion_toggle('elementor-tab-content-202124 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202124\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-124\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/microsoft-patch-tuesday-november-2024\/\" target=\"_blank\">Microsoft Patch Tuesday: November 2024<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><div class = \"aw-vuln-card aw-vuln-article-card mix item_one vendor-cisco rating-medium priv-authenticated type-privilege-escalation   data-score-6\" data-score=\"6\"> <a class=\"aw-vuln-article-card_content wrapper open-popup\" onClick=\"offcanvasTrigger(25)\"><h6 class=\"aw-criticality-score-wrap\"><span class=\"aw-criticality-score\">6<\/span>\/10<\/h6><span class=\"vuln-name-subhead\">Vulnerability Name:<\/span><h2 class=\"aw-vuln-card-title\">CVE-2024-20359<\/h2><p>A medium-severity vulnerability affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) that allows code execution with root-level privileges. It was leveraged in the \"ArcaneDoor\" campaign, where threat actors targeted perimeter network devices from multiple vendors.<\/p><\/a><footer class=\"aw-vuln-article-card_footer lozenge-list wrapper\"><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('all');\">All<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('priv-authenticated')\">Authenticated<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('type-privilege-escalation')\">Privilege Escalation<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('rating-medium');\">Medium<\/button><button type=\"button\" class=\"control lozenge lozenge__category mixitup-control-active\" onClick=\"lozenge_filter('vendor-cisco');\">Cisco<\/button><\/footer><\/div><div style=\"display: none;\" class=\"aw-vuln-canvas-content aw_vuln_canvas_id_25\"><div class=\"aw-vuln-canvas-content-top\"><h6 class=\"aw-vuln-name-subhead\">Vulnerability Name<\/h6><h3 id=\"aw_vuln_canvas_title\" class=\"aw-vuln-canvas-title\">CVE-2024-20359<\/h3><h4 id=\"aw_vuln_canvas_subhead\" class=\"aw-vuln-canvas-title-description\">A medium-severity vulnerability affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) that allows code execution with root-level privileges. It was leveraged in the \"ArcaneDoor\" campaign, where threat actors targeted perimeter network devices from multiple vendors.<\/h4><div class=\"aw-vuln-item-content-info\"><div class=\"aw-vuln-col-score\"> CVSS V3 SCORE<ul><li id=\"aw_vuln_canvas_score\">6<\/li><\/ul><\/div><div class=\"aw-vuln-col-rating\"> NVD RISK RATING<ul><li id=\"aw_vuln_canvas_rating\">Medium<\/li><\/ul><\/div><div class=\"aw-vuln-col-patch\"> CVE PATCH<ul><li><a id=\"aw_vuln_canvas_patch_link\" class=\"aw-vuln-col-patch-link\" href=\"https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-asaftd-persist-rce-FLsNXF4h\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" data-src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" class=\" ls-is-cached lazyloaded\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\"><noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/elementor\/thumbs\/aw-bandaid-icon-white-lg-pp292i9jlxm9indci2ttjslrw0vjvlwg1pyl8jrigq.png\" \/><\/noscript>View Patch<\/a><\/li><\/ul><\/div><\/div><\/div><div class=\"aw-vuln-canvas-content-main\"><div class=\"aw-vuln-canvas-content-copy\"><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">CVE-2024-20359 At A Glance<\/h5><p class=\"aw-vuln-canvas-body-copy\">A medium-severity vulnerability affecting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) that allows an authenticated local attacker with administrator-level privileges to execute code with root-level privileges. This vulnerability was exploited in the first half of 2024 as part of a campaign called \"ArcaneDoor,\" which leveraged CVE-2024-20353. The campaign focused on espionage and gaining unauthorised access to sensitive information from government entities and critical infrastructure organisations.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Impact<\/h5><p class=\"aw-vuln-canvas-body-copy\">Allows an authenticated local attacker with administrator-level privileges to execute code with root-level privileges.<\/p><h5 id=\"aw_vuln_canvas_sub_title\" class=\"aw-vuln-canvas-title-subhead\">Arctic Wolf Observations and Analysis<\/h5><p class=\"aw-vuln-canvas-body-copy\">This vulnerability was part of a campaign called \u201cArcaneDoor,\u201d which focused on espionage and gaining unauthorised access to sensitive information from targeted government entities and organisations in critical infrastructure.<\/p><div class=\"elementor-element elementor-widget elementor-widget-eael-adv-accordion\" data-element_type=\"widget\" data-widget_type=\"eael-adv-accordion.default\"><div class=\"elementor-widget-container\"><div class=\"eael-adv-accordion aw_vuln_resources_accordion\" id=\"aw_vuln_accordion_id_012345678\" data-scroll-on-click=\"no\" data-scroll-speed=\"300\" data-accordion-id=\"c0f3728\" data-accordion-type=\"accordion\" data-toogle-speed=\"300\"><div class=\"eael-accordion-list\"><div id=\"accordion-tab-title-125\" class=\"elementor-tab-title eael-accordion-header\" tabindex=\"0\" data-tab=\"125\" aria-controls=\"elementor-tab-content-202125\" onclick=\"accordion_toggle('elementor-tab-content-202125 ')\"><span class=\"eael-advanced-accordion-icon-closed\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-plus\"><\/i><\/span><span class=\"eael-advanced-accordion-icon-opened\"><i aria-hidden=\"true\" class=\"fa-accordion-icon fas fa-minus\"><\/i><\/span><span class=\"eael-accordion-tab-title\">Resources<\/span><i aria-hidden=\"true\" class=\"fa-toggle fas fa-angle-right\"><\/i><\/div><div id=\"elementor-tab-content-202125\" class=\"eael-accordion-content clearfix\" data-tab=\"1\" aria-labelledby=\"accordion-tab-title-125\" style=\"display: none;\"><ul><li><a href=\"https:\/\/arcticwolf.com\/resources\/blog\/cve-2024-20353-and-cve-2024-20359\/\" target=\"_blank\">CVE-2024-20353 and CVE-2024-20359: Cisco ASA and FTD Vulnerabilities Exploited by State-Sponsored Threat Actor in Espionage Campaign \u201cArcaneDoor\u201d<\/a><\/li><\/ul><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div><span class=\"aw-vuln-card-grid_gap\" data-ref=\"first-gap\"><\/span> <span class=\"aw-vuln-card-grid_gap\"><\/span> <span class=\"aw-vuln-card-grid_gap\"><\/span> <\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7cce8933 elementor-widget elementor-widget-html\" data-id=\"7cce8933\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<script>\n\t\t\t\tfunction offcanvasTrigger(nNum) { \n\t\t\t\t\t\/\/console.log(jQuery(\".aw_vuln_canvas_id_\" + nNum).html()); \n\t\t\t\t\tjQuery(\".eael-lightbox-container\").html(jQuery(\".aw_vuln_canvas_id_\" + nNum).html());\n\t\t\t\t\treturn false;\n\t\t\t\t}\n\t\t\t\t\n\t\t\t\tfunction accordion_toggle(sID) {\n\t\t\t\t    jQuery('#' + sID).toggle(400);\n\t\t\t\t}\n\t\t\t\t\n\t\t\t\tjQuery( \".aw-vuln-article-card_footer\" ).on( \"click\", function(e) {\n  console.log(jQuery(e.target));\n  console.log(jQuery(this).parent());\n  console.log('mixitup: ' + jQuery(e.target).attr(\"class\").search(\"mixitup\") );\n  if (jQuery(e.target).attr(\"class\").search(\"mixitup\") == -1) {\n    jQuery(this).parent().find(\"a\").click();\n  }\n  \n} );\n\njQuery('#leadership-nav li').on('click', function(){\n    jQuery('#leadership-nav li.active').removeClass('active');\n    jQuery(this).addClass('active');\n});\n\n\t\t\t<\/script>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-46088d9 elementor-widget elementor-widget-html\" data-id=\"46088d9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<script src=\"https:\/\/cybersecurity.arcticwolf.com\/rs\/840-OSQ-661\/images\/aw-filters_using-mixitup.min.js\"><\/script>\n\n        <script>\n            \n \/\/ URL Hash for filtering\n\n            var targetSelector = '.mix';\n\n            function getSelectorFromHash() {\n                var hash = window.location.hash.replace(\/^#\/g, '');\n\n                var selector = hash ? '.' + hash : targetSelector;\n\n                return selector;\n            }\n\n\n            function setHash(state) {\n                var selector = state.activeFilter.selector;\n                var newHash = '#' + selector.replace(\/^\\.\/g, '');\n\n                if (selector === targetSelector && window.location.hash) {\n                    \/\/ Equivalent to filter \"all\", remove the hash\n\n                    history.pushState(null, document.title, window.location.pathname); \/\/ or history.replaceState()\n                } else if (newHash !== window.location.hash && selector !== targetSelector) {\n                    \/\/ Change the hash\n\n                    history.pushState(null, document.title, window.location.pathname + newHash); \/\/ or history.replaceState()\n                }\n            }\n\n\n\n            var mixerURL = mixitup('.aw-vuln-display-flexer', {\n                selectors: {\n                    target: targetSelector\n                },\n                load: {\n                    filter: getSelectorFromHash() \n                },\n                callbacks: {\n                    onMixEnd: setHash \n                }\n            });\n\n\n            window.onhashchange = function() {\n                var selector = getSelectorFromHash();\n\n                if (selector === mixerURL.getState().activeFilter.selector) return; \/\/ no change\n\n                mixerURL.filter(selector);\n            };\n            \n  \/\/ end URL Hash for filtering           \n            \n            \n\n\n document.querySelectorAll('.smoothScroll a').forEach(anchor => {\n    anchor.addEventListener('click', function (e) {\n        e.preventDefault();\n\n        document.querySelector(this.getAttribute('href')).scrollIntoView({\n            behavior: 'smooth'\n        });\n    });\n});\n\n\njQuery(window).scroll(function() {    \n    var scroll = jQuery(window).scrollTop();\n\n    if (scroll >= 800) {\n        jQuery(\".mobile-filters\").addClass(\"mobile-filters-active\");\n    } else {\n        jQuery(\".mobile-filters\").removeClass(\"mobile-filters-active\");\n    }\n});\n\nvar isInViewport = function(elem) {\n  var distance = elem.getBoundingClientRect();\n  return (\n    distance.top <= (window.innerHeight || document.documentElement.clientHeight)  &&\n    distance.left >= 0 &&\n    distance.bottom >= 0 &&\n    distance.right <= (window.innerWidth || document.documentElement.clientWidth)\n  );\n};\n\nvar findMe = document.querySelectorAll('#aw-resources');\n\nwindow.addEventListener('scroll', function(event) {\n\nfindMe.forEach(element => {\n    if (isInViewport(element)) {\n      jQuery('.mobile-filters').addClass(\"but-now-inactive\");\n    } else {\n        jQuery(\".mobile-filters\").removeClass(\"but-now-inactive\");\n    }\n});\n}, false);\n        <\/script>   \t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-top-section elementor-element elementor-element-3f0039c7 elementor-section-content-middle elementor-reverse-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3f0039c7\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;animation&quot;:&quot;none&quot;,&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div data-ha-element-link=\"{&quot;url&quot;:&quot;https:\\\/\\\/cybersecurity.arcticwolf.com\\\/WBR-CSMRFY25Q425-02-06EMEAMostExploitedVulnerabilitiesof2024_FORMTOPRegPage.html&quot;,&quot;is_external&quot;:&quot;&quot;,&quot;nofollow&quot;:&quot;&quot;}\" style=\"cursor: pointer\" data-gbadge=\"{&quot;text&quot;:&quot;On-Demand Webinar&quot;,&quot;hideIfEmpty&quot;:false,&quot;icon&quot;:false}\" class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-5ddb04ed premium-gbadge-yes premium-gbadge-flag premium-gbadge-left no-badge-before elementor-invisible\" data-id=\"5ddb04ed\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;animation&quot;:&quot;fadeInRight&quot;,&quot;animation_tablet&quot;:&quot;fadeIn&quot;,&quot;animation_delay&quot;:400}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4c51ad33 add-filter-shadow elementor-view-default elementor-widget elementor-widget-icon\" data-id=\"4c51ad33\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"icon.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-icon-wrapper\">\n\t\t\t<div class=\"elementor-icon elementor-animation-grow\">\n\t\t\t<i aria-hidden=\"true\" class=\"fad fa-play\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-25c82733 elementor-invisible\" data-id=\"25c82733\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;animation&quot;:&quot;fadeInLeft&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-inner-section elementor-element elementor-element-2f944cfd elementor-section-content-top elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"2f944cfd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-4af9c52e\" data-id=\"4af9c52e\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4f2ef56d elementor-invisible elementor-widget elementor-widget-heading\" data-id=\"4f2ef56d\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeIn&quot;,&quot;_animation_delay&quot;:0}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">2024 <span class=\"gr-text-aurora\">Most Exploited Vulnerabilities<\/span><\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-45ed9235 elementor-widget elementor-widget-text-editor\" data-id=\"45ed9235\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<span class=\"gr-text-aurora\">AIR DATE:<\/span> Thursday, February 6, 2024\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2951e2e6 elementor-widget elementor-widget-text-editor\" data-id=\"2951e2e6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tArctic Wolf\u2019s annual recap highlighting the most noteworthy, high-profile vulnerabilities and what makes them so dangerous.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-62f357b3 gr-button elementor-tablet-align-left elementor-mobile-align-center elementor-invisible elementor-widget elementor-widget-button\" data-id=\"62f357b3\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeIn&quot;,&quot;_animation_delay&quot;:300}\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"https:\/\/cybersecurity.arcticwolf.com\/WBR-CSMRFY25Q425-02-06EMEAMostExploitedVulnerabilitiesof2024_FORMTOPRegPage.html\" target=\"_blank\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t<span class=\"elementor-button-icon\">\n\t\t\t\t<i aria-hidden=\"true\" class=\"fas fa-play\"><\/i>\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Watch On-Demand<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-top-section elementor-element elementor-element-651e95c7 elementor-section-content-middle elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"651e95c7\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-685c4046\" data-id=\"685c4046\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-inner-section elementor-element elementor-element-3a83befc hide elementor-hidden-desktop elementor-hidden-tablet elementor-hidden-mobile elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3a83befc\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-1335413f\" data-id=\"1335413f\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-66767e25 elementor-invisible elementor-widget elementor-widget-image\" data-id=\"66767e25\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInRight&quot;,&quot;_animation_mobile&quot;:&quot;fadeInDown&quot;}\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"\/resource\/aw\/infographic-what-this-years-top-vulnerabilities-show-us-about-the-future-of-cybersecurity\" target=\"_blank\">\n\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"868\" height=\"1024\" src=\"https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/Most-Exploited-Vulnerabilities-Infographic-3-page-mock-868x1024.png\" class=\"elementor-animation-grow attachment-large size-large wp-image-122257\" alt=\"\" srcset=\"https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/Most-Exploited-Vulnerabilities-Infographic-3-page-mock-868x1024.png 868w, https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/Most-Exploited-Vulnerabilities-Infographic-3-page-mock-254x300.png 254w, https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/Most-Exploited-Vulnerabilities-Infographic-3-page-mock.png 1155w\" sizes=\"(max-width: 868px) 100vw, 868px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-inner-column elementor-element elementor-element-10ea4f56\" data-id=\"10ea4f56\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-212b03cf premium-header-inline premium-lq__none premium-box-lq__none elementor-invisible elementor-widget elementor-widget-premium-addon-dual-header\" data-id=\"212b03cf\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation_tablet&quot;:&quot;none&quot;,&quot;_animation_mobile&quot;:&quot;none&quot;,&quot;_animation&quot;:&quot;fadeInUp&quot;,&quot;_animation_delay&quot;:100}\" data-widget_type=\"premium-addon-dual-header.default\">\n\t\t\t\t\t\n\t\t<div class=\"elementor-widget-container\">\n\t\t<div class=\"premium-dual-header-wrapper\">\n\t\t\t\t\t<p class=\"premium-dual-header-first-header \"><span class=\"premium-dual-header-first-span\"><span class=\"gr-text\">AVAILABLE FOR DOWNLOAD<\/span> <\/span><\/p> \t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1fd29daa elementor-invisible elementor-widget elementor-widget-heading\" data-id=\"1fd29daa\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInRight&quot;,&quot;_animation_delay&quot;:100}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">What 2023 Taught Us About Vulnerabilities <\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-683af934 elementor-invisible elementor-widget elementor-widget-text-editor\" data-id=\"683af934\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInRight&quot;,&quot;_animation_delay&quot;:200}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tRemote Code Execution Reigns, But Other Impact Types Had a Very Good Year \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-47eea3f2 elementor-invisible elementor-widget elementor-widget-text-editor\" data-id=\"47eea3f2\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInRight&quot;,&quot;_animation_delay&quot;:200}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tThreat actors are continuing to evolve their attacks, evading security solutions by pivoting rapidly and employing multiple paths to value. But the best way to fight back remains a focus on the fundamentals. Download our infographic for quick-hit takeaways to help you reinforce your cybersecurity foundation. \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-473b7fa elementor-align-left elementor-tablet-align-left elementor-mobile-align-center gr-button-blue elementor-invisible elementor-widget elementor-widget-button\" data-id=\"473b7fa\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInRight&quot;,&quot;_animation_delay&quot;:400,&quot;_animation_mobile&quot;:&quot;fadeInUp&quot;}\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"\/resource\/aw\/infographic-what-this-years-top-vulnerabilities-show-us-about-the-future-of-cybersecurity\" target=\"_blank\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">View The Infographic<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-inner-section elementor-element elementor-element-5e814fb2 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"5e814fb2\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-112ea589\" data-id=\"112ea589\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-114a5300 elementor-invisible elementor-widget elementor-widget-heading\" data-id=\"114a5300\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInUp&quot;,&quot;_animation_delay&quot;:300}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Connect with the <span class=\"gr-text-aurora-light\">Arctic Wolf Cybersecurity Team Today\u00a0<\/span><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-44e4e2e elementor-invisible elementor-widget elementor-widget-text-editor\" data-id=\"44e4e2e\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInUp&quot;,&quot;_animation_delay&quot;:600}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>A combination of Arctic Wolf security operations solutions coupled with expert insights from our Concierge Security<sup style=\"line-height: 0px;\">\u00ae<\/sup> Team (CST) can guide your organisation through Arctic Wolf&#8217;s mission to End Cyber Risk. Fill out the form to learn more and we\u2019ll be in touch with you shortly.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-35475fab elementor-invisible elementor-widget elementor-widget-ArcticWolf-marketo-form\" data-id=\"35475fab\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeIn&quot;,&quot;_animation_delay&quot;:200}\" data-widget_type=\"ArcticWolf-marketo-form.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\n    \n    <!-- Main Form Styles for Floating Lables-->\n    <link href=\"https:\/\/cybersecurity.arcticwolf.com\/rs\/840-OSQ-661\/images\/AW-mkto-floating-form-labels-styles-211027.css\" rel=\"stylesheet\">\n\n    <!-- Mkto Form Core Scripts-->\n    <script data-ot-ignore src=\"\/\/cybersecurity.arcticwolf.com\/js\/forms2\/js\/forms2.min.js\"><\/script>\n    <form id=\"mktoForm_5368\" onsubmit=\"try {_6si.send(event); } catch (error) { console.error(error);}\"><\/form>\n    <script>MktoForms2.loadForm(\"\/\/cybersecurity.arcticwolf.com\", \"840-OSQ-661\", 5368, function(form) {\n        \t\t\t\n         var formElement = form.getFormElem()[0];\n         formElement.addEventListener(\"submit\", function(event) {\n         window.SixSenseEvent = event;\n         console.info(\"6sense: Form submit initiated.\");\n     });\n     formElement.getElementsByTagName('button')[0].setAttribute('name', 'mktoButton_' + form.getId());\n     formElement.setAttribute('name', 'mktoForm_' + form.getId());\n     form.onSuccess(function() {\n\ttry {\t \n\t if (_6si) {\n     _6si.send(window.SixSenseEvent);\n        console.info(\"6sense: Form submit completed.\");\n     } else {\n         console.warn(\"6sense: Event object not found. Form fill not logged.\");\n     }\n\t} catch (error) {console.error(error);}\n     });\n    });<\/script>\n\n    <!-- Form Script for Styling Attributes-->\n    <script type=\"text\/javascript\" src=\"https:\/\/cybersecurity.arcticwolf.com\/rs\/840-OSQ-661\/images\/AW-mkto-form-style-attributes-210628.js\"><\/script>\n\n    <!-- Floating label script-->\n    <script>\n\n        function floatingLabels() {\n            jQuery('.mktoRadioList, .mktoCheckboxList').parent().children('label').addClass('d-none');\n            jQuery('.mktoForm select:not(\"#Consent_Opt_In__c\") option:nth-of-type(1)').html(\"\");\n\n            var inputs = jQuery('.mktoForm input[type=url], .mktoForm input[type=text], .mktoForm input[type=date], .mktoForm input[type=tel], .mktoForm input[type=email], .mktoForm input[type=number], .mktoForm textarea.mktoField, .mktoForm select.mktoField');\n\n            jQuery(inputs).focus(function(){\n                var fieldID = jQuery(this).attr('id');\n                fieldLabel = 'label.mktoLabel[for=' + fieldID +']';\n                jQuery(fieldLabel).addClass('activeLabel')\n            });\n\n            jQuery(inputs).blur(function(){\n                var fieldID = jQuery(this).attr('id');\n                fieldLabel = 'label.mktoLabel[for=' + fieldID +']';\n                if (jQuery(this).val() == \"\"){\n                    jQuery(fieldLabel).removeClass('activeLabel');\n                }\n            });\n        }\n\n        jQuery(window).on('load',function(){\n            jQuery(document).ready(function() {\n        \t   MktoForms2.whenReady(function (form){\n                 jQuery(floatingLabels)\n                 jQuery('form.mktoForm').on('change', floatingLabels);\n        \t   });\n            });\n        });\n    <\/script>\n\n    <style>\n        form.mktoForm input[type=url], form.mktoForm input[type=text], form.mktoForm input[type=date], form.mktoForm input[type=tel], form.mktoForm input[type=email], form.mktoForm input[type=number], form.mktoForm textarea.mktoField, form.mktoForm select.mktoField, form.mktoForm label.mktoLabel, form.mktoForm .mktoRadioList, form.mktoForm .mktoCheckboxList, form.mktoForm select.mktoField.mktoInvalid:active, form.mktoForm select.mktoField.mktoInvalid:focus, form.mktoForm .mktoCaptchaDisclaimer {\n            color:  #666666 !important;\n        }\n\n        form.mktoForm label.mktoLabel.activeLabel {\n            color: #0066FF !important;\n        }\n\n        form.mktoForm input[type=url], form.mktoForm input[type=text], form.mktoForm input[type=date], form.mktoForm input[type=tel], form.mktoForm input[type=email], form.mktoForm input[type=number], form.mktoForm textarea.mktoField, form.mktoForm select.mktoField {\n            border-bottom: 1px solid #666666 !important;\n        }\n\n        form.mktoForm input[type=url]:focus, form.mktoForm input[type=text]:focus, form.mktoForm input[type=date]:focus, form.mktoForm input[type=tel]:focus, form.mktoForm input[type=email]:focus, form.mktoForm input[type=number]:focus, form.mktoForm textarea.mktoField:focus, form.mktoForm select.mktoField:focus {\n            box-shadow: 0 1px 0 0 #0066FF !important;\n            border-bottom: 1px solid #0066FF !important;\n        }\n\n            <\/style>\n\n    \t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d27f819 elementor-widget elementor-widget-html\" data-id=\"d27f819\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<style>\n    form.mktoForm .mktoButtonWrap button.mktoButton[class] {\n    background-color: #0066ff;\n    background-image: linear-gradient(to right, #0066ff, #0099ff, #0099ff, #0066ff) !important;\n}\nform.mktoForm .mktoButtonWrap button.mktoButton[class]:hover, form.mktoForm .mktoButtonWrap button.mktoButton[class]:focus, form.mktoForm .mktoButtonWrap button.mktoButton[class]:active {\n    background-image: linear-gradient(to right, #0066ff, #0099ff, #0099ff, #0066ff) !important;\n}\n.mktoTemplateBox {\n    padding: 40px 20px !important;\n    position: relative;\n}\n.mktoTemplateBox div {\n    z-index: 5;\n    position: relative;\n}\n.mktoTemplateBox:after {\n    content: \"\";\n    position: absolute;\n    inset: 0px;\n    border-radius: 0px;\n    padding: 2px;\n    background: radial-gradient(transparent, transparent, transparent 80%, #0066ff 95%);\n    -webkit-mask: radial-gradient(#fff 0 0) content-box, radial-gradient(#fff 0 0);\n    -webkit-mask-composite: xor;\n    mask-composite: exclude;\n}\np.p-xl {\n    font-size: 20px !important;\n    text-align: center;\n    margin-bottom: 20px;\n    margin-top: 5px;\n}\nh3.all-set {\n    font-size: 26px !important;\n    display: inline-block;\n    background: -webkit-linear-gradient(120deg, black 5%, #0099ff 40%, #0099ff 55%, #0079FF 70%, #0065CC);\n    background: linear-gradient(120deg, black 5%, #0099ff 40%, #0099ff 55%, #0079FF 70%, #0065CC);\n    -webkit-background-clip: text;\n    -webkit-text-fill-color: transparent;\n    -webkit-box-decoration-break: clone;\n    font-weight: 600;\n}\n<\/style>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-top-section elementor-element elementor-element-54aad595 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"54aad595\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;gradient&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-25f532e4 elementor-invisible\" data-id=\"25f532e4\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;animation&quot;:&quot;fadeInUp&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-inner-section elementor-element elementor-element-781af2eb elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"781af2eb\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-inner-column elementor-element elementor-element-42ddeea2\" data-id=\"42ddeea2\" data-element_type=\"column\" data-e-type=\"column\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-2518cae1 elementor-vertical-align-middle elementor-invisible elementor-widget elementor-widget-image-box\" data-id=\"2518cae1\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInDown&quot;,&quot;_animation_delay&quot;:200}\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><p class=\"elementor-image-box-title\"><span class=\"gr-text-aurora-light\">Additional Resources For<\/span><\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-635e9259 elementor-invisible elementor-widget elementor-widget-heading\" data-id=\"635e9259\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInDown&quot;,&quot;_animation_delay&quot;:400}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<span class=\"elementor-heading-title elementor-size-default\"><h2>Security Leaders<\/h2><\/span>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-698ecc8d elementor-invisible elementor-widget elementor-widget-template\" data-id=\"698ecc8d\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeIn&quot;,&quot;_animation_delay&quot;:600}\" data-widget_type=\"template.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-template\">\n\t\t\t\t\t<div data-elementor-type=\"section\" data-elementor-id=\"57710\" class=\"elementor elementor-57710\" data-elementor-post-type=\"elementor_library\">\n\t\t\t\t\t<section data-particle_enable=\"false\" data-particle-mobile-disabled=\"false\" class=\"elementor-section elementor-top-section elementor-element elementor-element-e36c56c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e36c56c\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;_ha_eqh_enable&quot;:false}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2c5558d\" data-id=\"2c5558d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-46520a8 elementor-widget elementor-widget-html\" data-id=\"46520a8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div id=\"pf-embed\"><\/div>\n<style>\n\n#pf-embed a.lb-inpage-item div:nth-of-type(1) {\n    padding-top: 55%;\n}\ndiv#qa-website-inject-item-image-0, div#qa-website-inject-item-image-1, div#qa-website-inject-item-image-2 {\n    background-position:center center;\n\tborder-radius: 10px;\n}\na.lb-inpage-item {\n    width: 33.333%;\n    padding: 15px;\n    margin: 10px;\n    background: linear-gradient(0deg, transparent, #CDDCF3);\n    border-radius: 10px;\n\tposition: relative;\n\ttransition: all .25s linear;\n}\na.lb-inpage-item:hover {\n    transform: translateY(-5px);\n}\n\t\n#pf-embed a.lb-inpage-item div:nth-of-type(1):hover:after {\n    color: #0066ff;\n}\n#pf-embed a.lb-inpage-item div:nth-of-type(1):after {\n    content: 'READ MORE \u2192';\n    position: absolute;\n    bottom: -25px;\n    font-size: 14px;\n    letter-spacing: 1px;\n    color: #0099ff;\n    font-weight: 600;\n    justify-content: center;\n    display: flex;\n    width: calc(100% - 30px);\n    transition: all .25s linear;\n}\n#pf-embed a.lb-inpage-item div:nth-of-type(2) {\n    color: black;\n    font-size: 21px;\n    font-family: 'Encode Sans', sans-serif;\n    padding: 10px 0px 25px 0;\n    font-weight: 500;\n    line-height: 1.3em;\n    margin-top: 0;\n    margin-left: 0px;\n    margin-right: 0px;\n\ttext-align: center;\n    }\n#qa-website-inject-title {\n        display: none;\n    }\n#pf-embed a.lb-inpage-item div:nth-of-type(1){transition: all .25s linear;} \n\t\n#pf-embed a.lb-inpage-item div:nth-of-type(1):hover {\n    transition: all 0.25s;\n}\n#pf-embed a.lb-inpage-item div:nth-of-type(1):hover div#qa-website-inject-item-image-0, #pf-embed a.lb-inpage-item div:nth-of-type(1):hover div#qa-website-inject-item-image-1, #pf-embed a.lb-inpage-item div:nth-of-type(1):hover div#qa-website-inject-item-image-2 {\n    height: 200px;\n    box-shadow: 0px -1px 25px #888;\n}\n@media (max-width: 768px) {\na.lb-inpage-item {\n    padding: 0px;\n}\n#pf-embed a.lb-inpage-item div:nth-of-type(2) {\n    padding: 18px 0px 10px 0;\n    font-size: 17px;\n    }\n#qa-website-inject-items {\n        display: block;\n        width: 100%;\n        max-width: 450px;\n        margin: 0 auto;\n    }\n    #pf-embed a.lb-inpage-item div:nth-of-type(1):after {\ndisplay: none;\n}\ndiv#qa-website-inject-item-title-0, div#qa-website-inject-item-title-1, div#qa-website-inject-item-title-2 {\n    margin-bottom: 10px;\n}\n}\n<\/style>\n<script>\njQuery(document).ready(function () {\n    jQuery(window).scroll(function(){\n        var pfURLtrigger = parseInt(jQuery(window).scrollTop());\n\n        if (pfURLtrigger > 500) {\n            jQuery('#pf-embed a').each(function() {\n    var href = jQuery(this).attr('href');\n    if (href) {\n        var url = new URL(href);\n        url.searchParams.set(\"lb-mode\", \"overlay\");\n        jQuery(this).attr('href', url.href);\n    }\n});\n        }\n    });\n});\n<\/script>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6fef9d18 elementor-align-center elementor-tablet-align-center gr-button-blue elementor-invisible elementor-widget elementor-widget-button\" data-id=\"6fef9d18\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeIn&quot;,&quot;_animation_delay&quot;:700}\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"\/resources\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Resource Library<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Arctic Wolf Presents The Most Exploited Vulnerabilities of 2024 2024 saw another jump in the volume of vulnerabilities published, with the year\u2019s total tally at 40,289, a 72% increase compared to 2023. With so many vulnerabilities for security teams to track and respond to, it\u2019s vital to understand which mattered most to threat actors as <a href=\"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/\" class=\"more-link\">&#8230;<span class=\"screen-reader-text\">  The Most Exploited Vulnerabilities of the Year<\/span><\/a><\/p>\n","protected":false},"author":65,"featured_media":122783,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-122782","page","type-page","status-publish","has-post-thumbnail","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The Most Exploited Vulnerabilities of the Year - Arctic Wolf<\/title>\n<meta name=\"description\" content=\"In our list of the 25 most exploited vulnerabilities of the year, you&#039;ll uncover trends and insights you can use to guide your remediation and vulnerability management plans this year.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Most Exploited Vulnerabilities of the Year - Arctic Wolf\" \/>\n<meta property=\"og:description\" content=\"In our list of the 25 most exploited vulnerabilities of the year, you&#039;ll uncover trends and insights you can use to guide your remediation and vulnerability management plans this year.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/\" \/>\n<meta property=\"og:site_name\" content=\"Arctic Wolf\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ArcticWolfNetworks\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-10T20:20:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/AW-MR-Vuln-OG-Image-01-250114.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@AWNetworks\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/the-most-exploited-vulnerabilities-of-the-year\\\/\",\"url\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/the-most-exploited-vulnerabilities-of-the-year\\\/\",\"name\":\"The Most Exploited Vulnerabilities of the Year - Arctic Wolf\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/the-most-exploited-vulnerabilities-of-the-year\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/the-most-exploited-vulnerabilities-of-the-year\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/arcticwolf.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/AW-MR-Vuln-OG-Image-01-250114.jpg\",\"datePublished\":\"2025-01-28T14:43:44+00:00\",\"dateModified\":\"2025-02-10T20:20:45+00:00\",\"description\":\"In our list of the 25 most exploited vulnerabilities of the year, you'll uncover trends and insights you can use to guide your remediation and vulnerability management plans this year.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/the-most-exploited-vulnerabilities-of-the-year\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/the-most-exploited-vulnerabilities-of-the-year\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/the-most-exploited-vulnerabilities-of-the-year\\\/#primaryimage\",\"url\":\"https:\\\/\\\/arcticwolf.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/AW-MR-Vuln-OG-Image-01-250114.jpg\",\"contentUrl\":\"https:\\\/\\\/arcticwolf.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/AW-MR-Vuln-OG-Image-01-250114.jpg\",\"width\":1200,\"height\":628},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/the-most-exploited-vulnerabilities-of-the-year\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Most Exploited Vulnerabilities of the Year\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/#website\",\"url\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/\",\"name\":\"Arctic Wolf\",\"description\":\"The Leaders in Security Operations\",\"publisher\":{\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/#organization\",\"name\":\"Arctic Wolf Networks\",\"alternateName\":\"Arctic Wolf\",\"url\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/arcticwolf.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/AW-Logo-Main-AuroraFY25.png\",\"contentUrl\":\"https:\\\/\\\/arcticwolf.com\\\/wp-content\\\/uploads\\\/2025\\\/01\\\/AW-Logo-Main-AuroraFY25.png\",\"width\":655,\"height\":232,\"caption\":\"Arctic Wolf Networks\"},\"image\":{\"@id\":\"https:\\\/\\\/arcticwolf.com\\\/uk\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/ArcticWolfNetworks\",\"https:\\\/\\\/x.com\\\/AWNetworks\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/arcticwolf\",\"https:\\\/\\\/www.youtube.com\\\/ArcticWolfNetworks\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Most Exploited Vulnerabilities of the Year - Arctic Wolf","description":"In our list of the 25 most exploited vulnerabilities of the year, you'll uncover trends and insights you can use to guide your remediation and vulnerability management plans this year.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/","og_locale":"en_GB","og_type":"article","og_title":"The Most Exploited Vulnerabilities of the Year - Arctic Wolf","og_description":"In our list of the 25 most exploited vulnerabilities of the year, you'll uncover trends and insights you can use to guide your remediation and vulnerability management plans this year.","og_url":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/","og_site_name":"Arctic Wolf","article_publisher":"https:\/\/www.facebook.com\/ArcticWolfNetworks","article_modified_time":"2025-02-10T20:20:45+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/AW-MR-Vuln-OG-Image-01-250114.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@AWNetworks","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/","url":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/","name":"The Most Exploited Vulnerabilities of the Year - Arctic Wolf","isPartOf":{"@id":"https:\/\/arcticwolf.com\/uk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/#primaryimage"},"image":{"@id":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/#primaryimage"},"thumbnailUrl":"https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/AW-MR-Vuln-OG-Image-01-250114.jpg","datePublished":"2025-01-28T14:43:44+00:00","dateModified":"2025-02-10T20:20:45+00:00","description":"In our list of the 25 most exploited vulnerabilities of the year, you'll uncover trends and insights you can use to guide your remediation and vulnerability management plans this year.","breadcrumb":{"@id":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/#primaryimage","url":"https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/AW-MR-Vuln-OG-Image-01-250114.jpg","contentUrl":"https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/AW-MR-Vuln-OG-Image-01-250114.jpg","width":1200,"height":628},{"@type":"BreadcrumbList","@id":"https:\/\/arcticwolf.com\/uk\/the-most-exploited-vulnerabilities-of-the-year\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/arcticwolf.com\/uk\/"},{"@type":"ListItem","position":2,"name":"The Most Exploited Vulnerabilities of the Year"}]},{"@type":"WebSite","@id":"https:\/\/arcticwolf.com\/uk\/#website","url":"https:\/\/arcticwolf.com\/uk\/","name":"Arctic Wolf","description":"The Leaders in Security Operations","publisher":{"@id":"https:\/\/arcticwolf.com\/uk\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/arcticwolf.com\/uk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/arcticwolf.com\/uk\/#organization","name":"Arctic Wolf Networks","alternateName":"Arctic Wolf","url":"https:\/\/arcticwolf.com\/uk\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/arcticwolf.com\/uk\/#\/schema\/logo\/image\/","url":"https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/AW-Logo-Main-AuroraFY25.png","contentUrl":"https:\/\/arcticwolf.com\/wp-content\/uploads\/2025\/01\/AW-Logo-Main-AuroraFY25.png","width":655,"height":232,"caption":"Arctic Wolf Networks"},"image":{"@id":"https:\/\/arcticwolf.com\/uk\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ArcticWolfNetworks","https:\/\/x.com\/AWNetworks","https:\/\/www.linkedin.com\/company\/arcticwolf","https:\/\/www.youtube.com\/ArcticWolfNetworks"]}]}},"_links":{"self":[{"href":"https:\/\/arcticwolf.com\/uk\/wp-json\/wp\/v2\/pages\/122782","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/arcticwolf.com\/uk\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/arcticwolf.com\/uk\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/arcticwolf.com\/uk\/wp-json\/wp\/v2\/users\/65"}],"replies":[{"embeddable":true,"href":"https:\/\/arcticwolf.com\/uk\/wp-json\/wp\/v2\/comments?post=122782"}],"version-history":[{"count":0,"href":"https:\/\/arcticwolf.com\/uk\/wp-json\/wp\/v2\/pages\/122782\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/arcticwolf.com\/uk\/wp-json\/wp\/v2\/media\/122783"}],"wp:attachment":[{"href":"https:\/\/arcticwolf.com\/uk\/wp-json\/wp\/v2\/media?parent=122782"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}