In June updates, Google and Qualcomm addressed significant vulnerabilities affected Andriod users that could lead to remote code execution (RCE) on applicable devices. The bugs, CVE-2020-0117, and CVE-2020-8597 affect Andriod versions 8 to 10 and can allow for RCE in the context of a privileged process. An attacker could potentially

According to researchers at ESET, three different connected home hub systems, Fibaro Home Center Lite, Homematic Central Control Unit, and Elko’s eLAN-RF-003 contain serious bugs that could allow for unauthenticated remote code execution (RCE) as well as information disclosure and man-in-the-middle attacks. The home hubs are used to connect to

IBM has not yet patched four serious security vulnerabilities that lie in the IBM Data Risk Manager (IDRM). The vulnerabilities can lead to unauthenticated remote code execution (RCE), according to an analysis from Agile Information Security. A proof-of-concept exploit is also available for version 2.0.3. IDRM serves as a software

According to Rapid7, over 350,000 Exchange servers across the globe remain exposed to a critical vulnerability patched by Microsoft in February. The vulnerability is actively exploited in the wild, according to researchers, and over 82% of the 433,464 Exchange servers detected are still vulnerable as of March 24. The vulnerability,

A security researcher has discovered two remote code execution vulnerabilities, one of which is deemed critical, in the open-source network configuration tool rConfig that thousands of network engineers are using to snapshots of more than 7 million network devices. The critical flaw, tracked as CVE-2019-16662, makes it possible for a

Google has released patches for 28 security vulnerabilities, 11 of which where critical flaws, affecting the Android operating system. Three of the critical bugs are remote code execution (RCE) flaws that could be exploited by attackers to run arbitrary code on vulnerable devices. The RCE vulnerabilities, tracked as CVE-2019-2184, CVE-2019-2185

Tenable researchers have uncovered a remote code-execution (RCE) flaw affecting the VPN software offered by Palo Alto Networks. The vulnerability, tracked as CVE-2019-1579, was inadvertently fixed in the latest versions of the software, even though the company was unaware of it at the time. However, older versions of the VPN