CVE-2022-49042
The vulnerability allows local users to execute arbitrary code on backup management systems, compromising the integrity of backup infrastructure.
CTI status
As of:
Last pipeline run:
Source reliability
Information credibility
NATO Admiralty (AJP-2.1) grades confidence, independent of the risk score. Cross-source corroboration isn't tracked for non-CVE news, so single-source items are capped at a lower credibility number; a low number does not imply low quality.
The vulnerability allows local users to execute arbitrary code on backup management systems, compromising the integrity of backup infrastructure.
Local code execution vulnerability in Synology Active Backup for Business requires patching to version 2.5.0-2081 or later to mitigate risks from local attackers.
New Atlas RAT malware demonstrates targeted adaptation by Chinese APT groups toward European infrastructure and signals escalation of DACH-region targeting.
The vulnerability exploits URI handler mechanisms to force network authentication, enabling passive capture of NTLMv2 hashes without requiring user interaction.
A debugging error in Microsoft 365 Android apps (Excel, Word, PowerPoint, OneNote, Loop, Copilot) disabled a critical security setting for token protection validation in production releases, allowing attackers to steal authentication tokens and take over accounts.
A large-scale npm supply chain attack compromises 32 packages under the @redhat-cloud-services scope via CI/CD pipeline infiltration, where attackers abused legitimate GitHub Actions OIDC workflows to publish trojanized packages with authentic signatures.
A path-traversal vulnerability in Synology Hyper Backup before version 4.1.2-4036 allows authenticated users to write arbitrary files and potentially compromise the integrity of backup systems.
Path-traversal vulnerability in Hyper Backup allows authenticated administrators to write non-sensitive files via unspecified vectors , requires admin privileges and is already fixed in version 4.1.2-4036.
Three of the patched vulnerabilities are already being actively exploited for remote code execution; immediate updates required.
BSI warns of multiple vulnerabilities in Microsoft Defender and Malware Protection Engine that enable attackers to achieve local privilege escalation, code execution, and denial of service.
The vulnerability affects HTTP/2 default configurations across multiple web server vendors and enables unauthenticated remote DoS , a newly discovered classification issue, not merely a patch.
A novel attack combination exploits HTTP/2 compression bombs and Slowloris-style techniques to incapacitate web servers without requiring specific patches.
An authenticated user can inject persistent JavaScript into a customer record and compromise every POS operator in the organization who retrieves that record.
Attackers are using AI-driven automation to systematically test and refine evasion techniques against EDR solutions , signaling a professionalization of attack preparation workflows.
A zero-day vulnerability in VS Code enables attackers to exfiltrate GitHub tokens with minimal user interaction, potentially compromising access to code repositories and CI/CD pipelines.
BSI advisory on Intel processor vulnerabilities without CVE identifiers; specific versions and affected processor generations must be retrieved from the complete BSI publication.