Skip to content
Auto-CTI
Archive view — this data may be outdated.

CTI status

Joel Traber AG

As of:

Last pipeline run:

Status High

All threats

Sorted by KEV · Risk · EPSS
KEV NEW Microsoft HAFNIUM (Chinese state-sponsored)
55

CVE-2021-27065 — Microsoft Exchange Server Remote Code Execution Vulnerability

This CVE is part of the Proxylogon chain (CVE-2021-26855 + 27065) actively exploited by state-sponsored actors (HAFNIUM/China) since early 2021; patch status should be verified immediately as critical infrastructure and manufacturing sectors remain targets.

Critical CVSS 7.8 EPSS 94%
KEV NEW Netapp
55

CVE-2025-0411 — 7-Zip Mark of the Web Bypass Vulnerability

Mark of the Web bypass enables malicious 7z archives to execute without user warning when extracted, elevating phishing+social engineering risk in manufacturing environments where CAD/design files are routinely shared.

Critical CVSS 7.0 EPSS 52%
KEV NEW Microsoft Hafnium (suspected APT40)
55

CVE-2021-26857 — Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-26857 was exploited by state-sponsored Hafnium (suspected APT40) against European manufacturing and utilities in early 2021; DACH SMEs running Exchange must treat this as a nation-state supply-chain threat even if patched, as forensics may reveal lateral movement into manufacturing control networks.

Critical CVSS 7.8 EPSS 45%
NEW Microsoft
20

Microsoft won’t patch PhantomRPC: Feature or bug?

Microsoft's decision not to patch PhantomRPC suggests either a design-level architectural decision or disputed severity classification; critical for organizations relying on RPC-dependent legacy systems and manufacturing tools.

High
NEW sudo
20

[UPDATE] sudo: Mehrere Schwachstellen

BSI update confirms multiple sudo flaws enabling local root escalation; critical for Ubuntu 24.04 LTS systems used in manufacturing environment where industrial control access (SIMATIC WinCC, TIA Portal, PLCs) depends on privilege separation.

High
NEW Oracle
20

[UPDATE] Oracle Java SE: Mehrere Schwachstellen

BSI official advisory on Oracle Java SE indicates this is a coordinated disclosure—likely covering recent Java SE critical patch updates; Joel Traber AG should prioritize patching Java runtimes used in Abacus ERP and development environments.

High
NEW Google
20

Google Chrome: Mehrere Schwachstellen

BSI advisory flags multiple Chrome vulnerabilities with unspecified details; patch status and CVE list should be tracked as details emerge.

High
NEW Google; Microsoft
20

Google Chrome und Microsoft Edge: Mehrere Schwachstellen

BSI has issued a warning on multiple Chrome/Edge vulnerabilities without full disclosure yet—suggests active exploitation risk or zero-day concerns in DACH region; immediate patch monitoring required.

High
NEW FreeRDP
20

[UPDATE] FreeRDP: Mehrere Schwachstellen

BSI advisory on FreeRDP multiple vulnerabilities affecting arbitrary code execution and DoS; relevant for organisations deploying open-source RDP alternatives or legacy RDP-based infrastructure.

High
NEW Microsoft
20

[UPDATE] Microsoft Windows: Mehrere Schwachstellen

BSI advisory on multiple Windows vulnerabilities affecting privilege escalation and RCE vectors; no specific CVEs listed in this update notice, suggesting rolling advisory covering recent patches or embargo-period disclosures.

High
NEW Synology
20

Synology DiskStation Manager: Mehrere Schwachstellen

BSI warning on multiple DSM vulnerabilities affecting a core backup/storage component; no CVE numbers provided in alert, suggesting coordinated or embargoed disclosure—immediate patching of Synology DSM systems recommended.

High
NEW Adobe
20

Adobe Creative Cloud Applikationen: Mehrere Schwachstellen

BSI advisory confirms multiple unpatched or recently patched vulnerabilities in Creative Cloud suite affecting German manufacturing; recommend immediate patch review and user awareness on suspicious file sources.

High
NEW Adobe
20

Adobe Acrobat DC: Mehrere Schwachstellen

BSI advisory on multiple unspecified Adobe Acrobat DC/Reader DC RCE and privilege escalation flaws; lack of CVE details suggests active advisory or coordinated disclosure window.

High
NEW Intel
20

Intel Prozessoren: Mehrere Schwachstellen

BSI official warning signals coordinated vulnerability disclosure affecting core compute infrastructure; DACH supply-chain and manufacturing sectors should prioritize patching.

High
NEW Microsoft
20

Exploits Turn Windows Defender Into Attacker Tool

Exploitation technique that converts Windows Defender from defensive tool into attack vector represents a critical defense-in-depth concern for organizations relying on Microsoft's endpoint protection as primary security layer.

High
NEW Microsoft
20

Bypassing Windows Administrator Protection

Project Zero disclosed a method to bypass Windows Administrator Protection by exploiting TokenLinkedToken query behavior that generates new logon sessions, enabling potential privilege escalation on vulnerable systems.

High
NEW Ubiquiti; ConnectWise
20

23rd March – Threat Intelligence Report

Ubiquiti UniFi critical vulnerability directly affects company's network infrastructure; ScreenConnect flaw relevant to remote access security posture across managed IT services.

High
NEW Linux
0

[UPDATE] Linux Kernel: Mehrere Schwachstellen

BSI advisory signals multiple unspecified kernel CVEs requiring patch assessment across Ubuntu 24.04 LTS fleet; prioritize kernel updates in WSUS/patch management.

Medium
NEW Microsoft
0

Microsoft Edge: Mehrere Schwachstellen

BSI generic advisory without CVE details limits immediate patching clarity; requires monitoring for published CVE list and Microsoft security updates.

Medium
What has changed since yesterday? →
ESC