all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

Add to bookmarks
April 14, 2023, 7:15 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The two flaws are listed below -

CVE-2023-20963 (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability
CVE-2023-29492 (CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability

agency android android framework catalog cisa cve cvss cybersecurity deserialization escalation exploitation exploited flaws framework infrastructure infrastructure security insecure kev known exploited vulnerabilities privilege privilege escalation score security survey under vulnerabilities vulnerability

Visit resource

More from thehackernews.com / The Hacker News

Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks 10 hours ago | thehackernews.com
advanced advanced persistent threat apt apt44 +21
GenAI: A New Headache for SaaS Security Teams 13 hours ago | thehackernews.com
capabilities chatgpt genai generative +17
Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware 13 hours ago | thehackernews.com
account administrator atlassian atlassian confluence +31
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign 13 hours ago | thehackernews.com
attacker campaign critical cve +28
Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services 15 hours ago | thehackernews.com
application attacks authentication brute +21
OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt 1 day, 8 hours ago | thehackernews.com
council emails foundation github +14
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks 1 day, 10 hours ago | thehackernews.com
actor agent agent tesla attacks +23
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs 1 day, 10 hours ago | thehackernews.com
amazon amazon web services aws aws cli +29
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack 1 day, 13 hours ago | thehackernews.com
alerting attack client critical +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

KDN IAM Associate Consultant

@ KPMG India | Hyderabad, Telangana, India
View on infosec-jobs.com

Staff Test and Evaluation Engineer - Electronic Warfare

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com

Junior Project Cybersecurity Manager

@ NXP Semiconductors | Bucharest
View on infosec-jobs.com

Embedded PSOC Analyst

@ Sibylline Ltd | London, United Kingdom
View on infosec-jobs.com
View more jobs