The digest of March trending vulnerabilities was published on the Positive Technologies website (in Russian). I also generated a Vulristics report for these vulnerabilities. There are 5 vulnerabilities in total.
🔻 For 3 vulnerabilities there are exploits and confirmed signs of exploitation in the wild: AuthBypass – TeamCity (CVE-2024-27198), RCE – FortiClientEMS (CVE-2023-48788), EoP – Windows Kernel (CVE-2024-21338).
🔻 For 2 more vulnerabilities there are no signs of exploitation in the wild yet, but there are exploits: EoP – Windows CLFS Driver (CVE-2023-36424), RCE – Microsoft Outlook (CVE-2024-21378).
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.