Detect vulnerabilities early with Offensity

This is an overview of serious vulnerabilities that we have addressed and audited for our customers in recent weeks and months as part of Offensity. This list is only a small excerpt of relevant incidents. Offensity also detects a large number of additional vulnerabilities.

18.05.2021 Microsoft IIS Remote Code Execution (CVE-2021-31166) • Mailing to our customers about potential hazards and recommendations
05.05.2021 Exim Internet Mailer Remote Code Execution "21Nails" • Testing of externally accessible applications
• Alerting of affected customers
21.04.2021 SonicWall Email Security Remote Code Execution (CVE-2021-20021, CVE-2021-20022, CVE-2021-20023) • Testing of externally accessible applications
• Alerting of affected customers
21.04.2021 Pulse Secure VPN Remote Code Execution (CVE-2021-22893) • Testing of externally accessible applications
• Alerting of affected customers
16.04.2021 Microsoft Exchange Remote Code Execution (CVE-2021-28480, CVE-2021-28481 and more) • Testing of externally accessible applications
• Alerting of affected customers
03.03.2021 Microsoft Exchange Remote Code Execution (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) • Testing of externally accessible applications
• Alerting of affected customers
26.02.2021 VMware vCenter Remote Code Execution (CVE-2021-21972) • Testing of externally accessible applications
• Alerting of affected customers
12.02.2021 SAP Commerce Cloud Remote Code Execution (CVE-2021-21477) • Alerting customers who have SAP Commerce Cloud actively deployed on the Internet
25.01.2021 DNS resolver dnsmasq "DNSpooq" DNS Cache Poisoning & Buffer Overflow • Alerting of affected customers
02.11.2020 Oracle WebLogic Remote Code Execution in Oracle WebLogic (CVE-2020-14882) • Alerting of affected customers
14.10.2020 Microsoft ICMPv6 "Bad Neighbor" Remote Code Execution in Microsoft ICMPv6 stack (CVE-2020-16898) • Mailing to our customers about potential hazards and recommendations
14.09.2020 Microsoft AD "Zerologon" Remote Code Execution in Microsoft Domain Controller (CVE-2020-1472) • Mailing to our customers about potential hazards and recommendations
11.09.2020 Microsoft Exchange Authenticated Remote Code Execution (CVE-2020-16875) • Testing of externally accessible OWA applications
• Alerting of affected customers
05.08.2020 Data leak: VPN endpoints An attacker published private data, including passwords and private keys, from more than 900 corporate VPN access points in an underground forum. • Alerting of affected customers
17.07.2020 GnuTLS Decryption of content (TLS 1.2) and authentication bypass (TLS 1.3) (CVE-2020-13777) • Alerting of affected customers
14.06.2020 Microsoft DNS server "SigRed" Remote Code Execution (CVE-2020-1350) • Mailing to our customers about potential hazards and recommendations
16.06.2020 Ripple20 Remote Code Executions in the TCP/IP stack of IoT devices • Mailing to our customers about potential hazards and recommendations
10.03.2020 Microsoft SMB protocol Remote Code Execution (CVE-2020-0796) • Warning about externally accessible SMB ports
• Mailing to our customers about the potential risk of the vulnerability - also in internal networks
11.02.2020 Microsoft Exchange Authenticated Remote Code Execution (CVE-2020-0688) • Testing of externally accessible OWA applications
• Alerting of affected customers
11.01.2020 (PoC) Citrix Remote Code Execution (CVE-2019-19781) • Audit of externally accessible Citrix applications and alerting of affected customers
• Broadcast to our customers about threat potential and recommendations
• Blog post about affected servers in Austria