VMware has patched seven serious vulnerabilities in its Avi Load Balancer that could allow attackers to bypass authentication, execute remote code, escalate privileges, and traverse directories. These vulnerabilities pose a significant risk to organizations relying on this load balancing technology, as they could lead to unauthorized access and control over systems. Users of VMware Avi Load Balancer should prioritize applying the latest patches to safeguard their environments. The severity of these vulnerabilities highlights the ongoing need for vigilance in cybersecurity practices, especially for widely used infrastructure components.
Articles tagged "Privilege Escalation"
Found 49 articles
ABB has identified a vulnerability, CVE-2026-31431, in its ABB Ability Edgenius platform, which affects versions 3.2.0.0 to 3.2.4.0. This vulnerability is linked to a flaw in the Linux kernel's cryptographic interface that could allow a locally authenticated user to gain elevated privileges, potentially leading to full control of the system. While there have been no reports of this vulnerability being exploited in the wild, ABB recommends that users update to version 3.2.4.1 to mitigate the risk. Users should also limit access to their systems to enhance security. This incident underscores the importance of timely software updates and access controls in protecting against potential exploits.
Researchers have identified three serious vulnerabilities in the OpenClaw personal AI assistant that, if exploited, could allow attackers to steal user credentials, escalate privileges, and execute arbitrary code on the host device. These vulnerabilities have been assigned high CVSS scores, with one flaw rated at 8.8, indicating a significant risk. While the vulnerabilities have been patched, the details raise concerns about the security of AI applications and the potential for misuse. Users of OpenClaw and similar AI assistants should ensure they are running the latest updates to protect against these risks. This incident serves as a reminder of the importance of regular software maintenance and vigilance in cybersecurity practices.
Help Net Security
Microsoft has rolled out a security update to address a serious vulnerability in its Malware Protection Engine, specifically CVE-2026-50656. This flaw, which affects Windows 10 and Windows 11, allows authenticated attackers to escalate their privileges to SYSTEM-level by exploiting improper link resolution before file access. The vulnerability was brought to light on June 10, and it poses a significant risk as it can be exploited with relatively low complexity. Users of affected systems should prioritize applying this update to safeguard their devices against potential attacks that could compromise system security.
Microsoft has addressed a significant vulnerability in its Defender antivirus software, dubbed RoguePlanet, which was made public nearly a month ago. This flaw, tracked as CVE-2026-50656, has a CVSS score of 7.8, indicating a high risk of privilege escalation. It affects the Microsoft Malware Protection Engine, specifically the 'mpengine.dll' component responsible for scanning and cleaning malware. If exploited, this vulnerability could allow attackers to gain SYSTEM privileges on affected systems, posing a serious security risk. Users of Microsoft Defender are urged to apply the latest security updates to protect their systems from potential exploitation.
Security Affairs
Ubiquiti has addressed seven vulnerabilities in its UniFi OS, among which is a critical flaw designated as CVE-2026-50746. This particular vulnerability, with a maximum severity score of 10.0, allows for command injection attacks within the UniFi Connect Application, affecting versions 3.4.16 and earlier. This means that attackers could potentially execute arbitrary commands on the affected systems, leading to possible unauthorized access or control. Users of the UniFi Connect Application are urged to update their software to safeguard against these vulnerabilities. The implications of these flaws are significant, as they could expose sensitive data and disrupt services for organizations relying on Ubiquiti's solutions.
The Hacker News
Ubiquiti has released critical updates to address serious security vulnerabilities affecting several of its products, including UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS. One of the vulnerabilities, identified as CVE-2026-50746, has a CVSS score of 10.0, indicating its severity. These flaws could allow attackers to gain unauthorized privileges and execute arbitrary commands, posing significant risks to users. The affected systems are widely used in network management and security, making the urgency of these patches clear. Users are strongly advised to apply the updates to protect their systems from potential exploitation.
Siemens has identified multiple vulnerabilities in its SINEC OS, particularly affecting the RUGGEDCOM RST2428P product. The issues stem from improper input validation, leading to potential allocation failures that could compromise system operations. Siemens has recommended users upgrade to version 4.0 or later to mitigate these risks. The vulnerabilities have been assigned CVE identifiers, indicating their recognition in the cybersecurity community. This situation is significant as it affects industrial control systems, which are critical for operational integrity and security.
Hydro-Québec's Le Circuit Electrique charging station backend has several critical vulnerabilities that could be exploited by attackers. These include improper access controls that allow unauthorized connections, insufficient restrictions on authentication attempts, and the ability to overload the system with multiple connections. If exploited, these vulnerabilities could lead to privilege escalation or denial-of-service attacks, affecting the operation of charging stations across Canada. Hydro-Québec has taken steps to mitigate these risks by disabling certain protocols and implementing stronger authentication measures. Users of these charging stations should remain vigilant and ensure their systems are updated to protect against potential exploitation.
Recently, two proof-of-concept (PoC) exploits for vulnerabilities in the Linux kernel have been published, enabling local privilege escalation. One of these flaws is known as DirtyClone, which is related to the DirtyFrag vulnerability class. These vulnerabilities could allow attackers with local access to escalate their privileges, potentially gaining control over sensitive system functions. This is particularly concerning for systems that rely heavily on Linux, as it could lead to unauthorized access to critical data and services. Users and administrators should be aware of these vulnerabilities and take necessary precautions to secure their systems against potential exploitation.
A new privilege escalation vulnerability in the Linux kernel, known as DirtyClone, has been identified, allowing local users to gain root access by exploiting corrupted file-backed memory through cloned network packets. This flaw, tracked as CVE-2026-43503, has a CVSS score of 8.8, indicating a high severity level. JFrog Security Research demonstrated a working exploit for this vulnerability on June 25, marking the first public showcase of its kind. Users and organizations running affected Linux systems should be aware of the potential risks this flaw poses, as it can be exploited to take control of systems if not addressed promptly. A patch has been released to mitigate this issue, and users are encouraged to apply it as soon as possible to protect their systems.
Microsoft has confirmed a serious vulnerability in its Defender software, identified as the RoguePlanet zero-day (CVE-2026-50656), which has a CVSS score of 7.8. This flaw allows attackers to escalate privileges through the Microsoft Malware Protection Engine, potentially giving them greater access to affected systems. Microsoft is currently working on a security patch to address this issue but has not yet released specific details about the patch or when it will be available. Users of Microsoft Defender should remain vigilant and monitor for updates from Microsoft regarding this vulnerability, as it poses a significant risk to system security. The implications are serious, especially for organizations relying on Defender for malware protection.
Microsoft has reported that two vulnerabilities in its Defender software are currently being exploited. The first, identified as CVE-2026-41091, is a privilege escalation flaw that has a CVSS score of 7.8, meaning it poses a significant risk. If successfully exploited, attackers could gain SYSTEM privileges, which would allow them to control the affected systems. The second vulnerability is a denial-of-service flaw, though specific details about its CVE designation weren't provided. These vulnerabilities affect Microsoft Defender, and users of the software should be vigilant as attackers are actively exploiting these flaws in the wild. It's crucial for individuals and organizations to take immediate action to secure their systems.
Researchers have revealed a vulnerability in the Linux kernel, identified as CVE-2026-46333, which has remained unnoticed for nine years. This flaw involves improper privilege management, allowing unprivileged local users to access sensitive files and execute commands with root privileges on default installations of several major Linux distributions. The vulnerability has a CVSS score of 5.5, indicating a moderate severity level. Affected users include those running various Linux distributions, which could expose them to significant risks if exploited. It's crucial for system administrators and users to be aware of this vulnerability and take appropriate action to secure their systems.
Drupal has issued urgent security updates to address a serious vulnerability in Drupal Core, identified as CVE-2026-9082. This flaw can allow attackers to execute malicious code remotely, escalate privileges, or disclose sensitive information on PostgreSQL sites. With a CVSS score of 6.5, the vulnerability affects users relying on Drupal's database abstraction API. This issue is particularly concerning for organizations using Drupal for their web applications, as the potential for exploitation could lead to significant data breaches or system compromises. Users are strongly advised to apply the available security updates promptly to mitigate the risk.