Vulnerability in Identity Service Engine with exploit code patched by Cisco

A PoC is out there, but there's no evidence of abuse yet.

Patch Cisco ISE bug now before attackers abuse proof-of-concept exploit

No reports of active exploitation … yet Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level ...
CSOonline

Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw

Popular for monitoring Docker containers, Wazuh is being exploited by two Mirai botnet variants — one of which aligns closely with researchers’ previously released proof-of-concept attack against the ...
来自MSN

Today's LLMs craft exploits from patches at lightning speed

The time from vulnerability disclosure to proof-of-concept (PoC) exploit code can now be as short as a few hours, thanks to generative AI models.… Matthew Keely, of Platform Security and penetration ...
Bleeping Computer

Cisco warns of Identity Service Engine flaw with exploit code

Cisco has patched a vulnerability in its Identity Services Engine (ISE) network access control solution, with public proof-of-concept exploit code, that can be abused by attackers with admin ...
来自MSN

Fortinet finally cops to critical make-me-admin bug under active exploitation

Fortinet finally published a security advisory on Friday for a critical FortiWeb path traversal vulnerability under active exploitation – but it appears digital intruders got a month's head start.… ...