Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism | allinfosecnews.com

Dec. 13, 2022, 6:40 p.m. | Chris Thompson

Security Intelligence securityintelligence.com

In September 2022, Microsoft patched an information disclosure vulnerability in SPNEGO NEGOEX (CVE-2022-37958). On December 13, Microsoft reclassified the vulnerability as “Critical” severity after IBM Security X-Force Red Security Researcher Valentina Palmiotti discovered the vulnerability could allow attackers to remotely execute code. The vulnerability is in the SPNEGO Extended Negotiation (NEGOEX) Security Mechanism, which allows […]

The post Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism appeared first on Security Intelligence.

application vulnerability code code execution common vulnerabilities and exposures critical ibm x-force research negotiation remote code execution security security services software vulnerabilities software vulnerability threat research vulnerability vulnerability analysis x-force

More from securityintelligence.com / Security Intelligence

AI cybersecurity solutions detect ransomware in under 60 seconds 2 days, 3 hours ago | securityintelligence.com

ai cybersecurity ai cybersecurity solutions artificial intelligence artificial intelligence (ai) +23

NIST’s role in the global tech race against AI 1 week ago | securityintelligence.com

address ai risk ai risk management artificial +27

Researchers develop malicious AI ‘worm’ targeting generative AI systems 1 week, 1 day ago | securityintelligence.com

ai cybersecurity ai services artificial intelligence artificial intelligence (ai) +25

Passwords, passkeys and familiarity bias 1 week, 2 days ago | securityintelligence.com

adoption authentication bias cybersecurity +11

Unpacking the NIST cybersecurity framework 2.0 2 weeks ago | securityintelligence.com

april business csf csf 2.0 +21

What should Security Operations teams take away from the IBM X-Force 2024 Threat Intelligence Index? 2 weeks, 1 day ago | securityintelligence.com

attacks blog blog post credentials +24

Obtaining security clearance: Hurdles and requirements 2 weeks, 2 days ago | securityintelligence.com

clearance closer defense far +17

Ransomware payouts hit all-time high, but that’s not the whole story 3 weeks ago | securityintelligence.com

all-time high conflict contributed cyber +16

What should an AI ethics governance framework look like? 3 weeks, 1 day ago | securityintelligence.com

ai ethics artificial intelligence artificial intelligence (ai) consequences +17

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Principal Business Value Consultant

@ Palo Alto Networks | Chicago, IL, United States

View on infosec-jobs.com

Cybersecurity Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX

View on infosec-jobs.com

Penetration Testing Engineer- Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700

View on infosec-jobs.com

Internal Audit- Compliance & Legal Audit-Dallas-Associate

@ Goldman Sachs | Dallas, Texas, United States

View on infosec-jobs.com

Threat Responder

@ Deepwatch | Remote

View on infosec-jobs.com