KEV Report - October 2024

Are you fully aware of the Common Vulnerabilities and Exposures (CVEs) currently being exploited that could potentially impact your threat landscape?

Here is the complete list of vulnerabilities for this month that we've updated within our platform, to be treated as a priority.

Notably, it’s been quieter than usual, with no major client-impacting data breaches or significant exploit activity observed. We’ll continue to monitor as the holiday season approaches.

Top Reported Known Exploitable Issues:

  1. CVE-2024-49039 | Windows Task Scheduler Elevation of Privilege Vulnerability
  2. CVE-2024-43451 | Windows NTLM Hash Disclosure Spoofing Vulnerability
  3. CVE-2024-5910 | Palo Alto
  4. CVE-2024-8069 | Citrix
  5. CVE-2024-8068 | Citrix Privilege escalation to NetworkService Account access
  6. CVE-2024-20418 | Cisco Wireless
  7. CVE-2024-10443 | Synology
  8. CVE-2024-43093 | Android

For full details on the above, please download the report (don't worry, it's not gated!).

Exploit Detection Service and Velma Active Exploit Service Performance Overview

Jon Bellard, Head of Product


“As of 2024 year-to-date (YTD), our Exploit Detection Service has added 1,569 new exploits, surpassing the total of 1,549 exploits added in 2023. This growth highlights our ongoing commitment to enhancing detection capabilities but with a key focus: relevance over noise.
Our platform doesn't aim to simply detect the most exploits; instead, we focus on correlating the most pertinent threats to each client's unique environment, ensuring that our notifications are meaningful and actionable, not overwhelming. By correlating these exploits with clients’ vulnerability data, we've potentially alerted thousands of users to critical risks that are directly relevant to their operations, helping them take targeted action.
Similarly, Velma, our Active Exploit Service, has identified 949 actively exploited CVEs so far in 2024. Velma is designed to track vulnerabilities being actively exploited in the wild, ensuring our clients receive real-time, actionable intelligence on the threats that pose the greatest risk. This insight allows for precise remediation efforts, reducing exposure to live, high-risk threats and cutting through the noise of irrelevant data.
Our platform's strength lies in its precision and relevance. We prioritize providing insights that matter most to each client’s specific dataset, not flooding them with unnecessary alerts. The numbers for both services reflect our ability to detect, correlate, and notify users about only the most pertinent exploit activities, reinforcing our commitment to proactive, high-impact threat management.”

Quick Guide to DORA Compliance

We’ve compiled this quick guide and checklist to help your organization navigate DORA compliance. Whether you’re just starting or looking to fine-tune your approach, this guide provides a clear roadmap to ensure you meet all the key requirements.

At Rootshell Security, we’re here to support you every step of the way, from implementing risk management frameworks to testing your resilience and streamlining incident response.


Latest Blog

Staying one step ahead of potential threats has become increasingly challenging, so don't get left behind.

Subscribe to Rootshell's CyberBytes Newsletter to get all the latest updates and KEVs, or email us at [email protected] to request a demo of our platform, where this information is overlaid with your data.
