CVE-2021-22333
There is an Improper Validation of Array Index vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause code to execute, thus obtaining system permissions.
Similar Posts
Attacks Surge After Code Published
Application Security , Cybercrime , Cybercrime as-a-service Strikes Increase After ProxyLogon Proof-of-Concept Attack Code Released Akshaya Asokan (asokan_akshaya) • March 20, 2021 There has been a spike in web shells being detected, as ransomware gangs and other attackers increasingly target vulnerable Microsoft Exchange Servers following publication of proof-of-concept attack code for ProxyLogon, which…
Accenture knew about ransomware attack in late July: report – Security
Accenture spotted the LockBit ransomware attack on its systems as far back as July 30 and found that hackers had stolen documents referencing clients, as well as work materials created on clients’ behalf, according to a report from cybersecurity news site CyberScoop. The publicly traded IT consultancy initially confirmed the ransomware attack on Wednesday in…
Vulnerability Management: Essential Components
Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management Steve Yurich, CISO of Penn National Insurance, on the Need for Frequent Scanning Suparna Goswami (gsuparna) • May 3, 2021 Steve Yurich, CISO at Penn National Insurance Effective vulnerability management requires more frequent scanning of infrastructure, says Steve…
Half a billion Facebook users’ information posted on hacking website, cyber experts say
(CNN) — The personal information of about half a billion Facebook users, including their phone numbers, have been posted to a website used by hackers, cybersecurity experts say. There are records for more than 32 million accounts in the United States, 11 million in the United Kingdom, and 6 million in India, according to Alon…
Australia proposes teaching cyber-security to five-year-old kids
Australia has decided that six-year-old children need education on cyber-security, even as it removes other material from the national curriculum. A newly revised draft of the national curriculum for children aged five to sixteen, launched yesterday, added a new strand titled “Considering privacy and security” that “involves students developing appropriate techniques for managing data, which…
Exploit Released for Workable Windows HTTP Bug
A security researcher has published a PoC test code to exploit a worm-like vulnerability (CVE-2021-31166) in Windows IIS server. The issue scored 9.8 out of 10 maximum on the CVSSv3 scale and is a memory corruption vulnerability in the HTTP protocol stack included in recent versions of Windows. The stack is used by the embedded…