#Exploits and vulnerabilities

Many Hikvision cameras are vulnerable to a critical, unauthenticated, remote code execution (RCE) vulnerability. Categories: Exploits and vulnerabilities Tags: CVE-2021-36260 hikvision PTZ Watchful_IP *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/patch-now-insecure-hikvision-security-cameras-can-be-taken-over-remotely/ ) )* The post Patch now! Insecure Hikvision security cameras can be taken over remotely appeared first on Malwarebytes Labs.

CVE-2021-22005 has a CVSS score of 9.8 and should be treated as an "emergency change", according to VMWare. Categories: Exploits and vulnerabilities Tags: CVE-2021-22005 vcenter vmware *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/patch-vcenter-server-right-now-vmware-expects-cve-2021-22005-exploitation-within-minutes-of-disclosure/ ) )* The post Patch vCenter Server “right now”, VMWare expects CVE-2021-22005 exploitation within minutes of disclosure appeared first on Malwarebytes Labs.

APT actors are exploiting a recently-discovered flaw in ManageEngine's self-service password management product. Categories: Exploits and vulnerabilities Tags: adselfservice plus APT cgcyber cisa cve-2021-40539 fbi managengine Zoho *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/fbi-and-cisa-warn-of-apt-groups-exploiting-adselfservice-plus/ ) )* The post FBI and CISA warn of APT groups exploiting ADSelfService Plus appeared first on Malwarebytes Labs.