Joint CyberSecurity Advisory on a U.S. Federal Agency Breached by Iranian Threat Actors
FortiGuard Labs is aware of a joint advisory (AA22-320A) issued by Cybersecurity and Infrastructure security Agency (CISA) and the Federal Bureau of Investigation (FBI) on...
APT Billbug Victimized Asian Certification Authority and Government Agencies
FortiGuard Labs is aware of a report that APT group "Billbug" compromised a certificate authority (CA) as well as multiple government and defense organizations in...
ZDI-22-1647: Microsoft Exchange PEFile Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1648: Microsoft Exchange TraceFile Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1649: Microsoft Exchange FileLog Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to delete arbitrary files and create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit...
ZDI-22-1650: Microsoft Exchange OrganizationInitializationDefinition External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1651: Microsoft Exchange FormattedTextWriterTraceListener Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1652: Microsoft Exchange MatlabWriter Exposed Dangerous Function Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1653: Microsoft Exchange FileHandler Exposed Dangerous Function Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1654: Microsoft Exchange DagNetMultiValuedProperty Exposed Dangerous Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. Read More