CVE-2023-1388
Published 2023-06-07
Priority P3 · 40 · high · 8.1 · CVSS 3.1
AV:N / AC:L / PR:L / UI:N / S:U / C:N / I:H / A:H
EPSS: 0.57% (42.9th percentile)
A heap-based overflow vulnerability in TA prior to version 5.7.9 allows a remote user to alter the page heap in the macmnsvc process memory block, resulting in the service becoming unavailable.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trellix | agent | < 5.7.9 | 5.7.9 |
| trellix | trellix_agent | — | — |
CVSS provenance
nvd · v3.1 · 8.1 · HIGH · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
cisa · 7.8 · HIGH
GHSA
GHSA-437c-g4h8-jrv4: A heap-based overflow vulnerability in TA prior to version 5
ghsa_unreviewed·2023-06-07
CVE-2023-1388 [HIGH] CWE-787 GHSA-437c-g4h8-jrv4: A heap-based overflow vulnerability in TA prior to version 5
A heap-based overflow vulnerability in TA prior to version 5.7.9 allows a remote user to alter the page heap in the macmnsvc process memory block, resulting in the service becoming unavailable.
CISA
Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability
cisa·2023-04-07·CVSS 7.8
CVE-2019-1388 [HIGH] CWE-269 Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability
Vulnerability: Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability
Affected: Microsoft Windows
Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.
Required Action: Apply updates per vendor instructions.
Notes: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1388; https://nvd.nist.gov/vuln/detail/CVE-2019-1388
Remediation Due Date: 2023-04-28
Suricata
ET EXPLOIT F5 BIG-IP iControl REST Authentication Bypass Attempt (CVE-2022-1388) M3
suricata·2023-11-20·CVSS 9.8
CVE-2022-1388 [CRITICAL] ET EXPLOIT F5 BIG-IP iControl REST Authentication Bypass Attempt (CVE-2022-1388) M3
Rule: alert http any any -> $HOME_NET any (msg:"ET EXPLOIT F5 BIG-IP iControl REST Authentication Bypass Attempt (CVE-2022-1388) M3"; flow:established,to_server; flowbits:set,ET.F5AuthBypass; http.method; content:!"GET"; http.uri; content:"/mgmt/tm"; startswith; http.request_header; header_lowercase; content:"authorization|3a 20|"; startswith; content:"YWRtaW46"; distance:0; http.header_names; to_lowercase; content:!"|0d 0a|referer|0d 0a|"; content:"|0d 0a|x-f5-auth-token|0d 0a|"; fast_pattern; threshold:type limit, count 1, seconds 60, track by_src; reference:cve,2022-1388; classtype:attempted-admin; sid:2049256; rev:3; metadata:affected_product F5, created_at 2023_11_20, cve CVE_2022_1388, deployment Per
No public exploits indexed.
No writeups or analysis indexed.
Published: 2023-06-07