![Lightroom apk](https://cdn2.cdnme.se/5447227/9-3/16_64e61dfc9606ee7f98e9879e.png)
![last pass mfa last pass mfa](https://roi4cio.com/uploads/roi/company/LastPass-Logo.png)
![last pass mfa last pass mfa](https://www.xeweb.net/img/writeup/10.png)
![last pass mfa last pass mfa](https://i.ytimg.com/vi/3fU9yv7Q37o/maxresdefault.jpg)
This is despite the fact that CISA added the vulnerability to the KEV list without sharing details on how it was exploited. While CISA added the vulnerability to the KEV list without sharing details on how it was exploited in the wild, recent media reports have suggested that the data breach at LastPass that resulted in the theft of user vault data might be related to a Plex bug that was exploited to hack a DevOps engineer’s computer. The vulnerability was patched with the release of Plex Media Server version 1.19.3, and as it required an attacker to have administrative access to a Plex Media Server in order to successfully exploit it, it was very unlikely that attackers would target it. With LastPass MFA, IT teams can configure a VPN through the Admin Console and assign the VPN to employees. Due to this vulnerability, an attacker who had access to the Plex account of the server administrator was able to submit a malicious file to the media server using the Camera Upload function and have the server execute the file. LastPass Multi-Factor Authentication adds an additional layer of security with MFA across single sign-on applications, workstations and VPNs. This flaw may be abused to remotely execute arbitrary Python code if it is exploited. The first problem is a high-severity vulnerability in Plex Media Server that has been tracked as CVE-2020-5741 and is defined as a deserialization issue.
![Lightroom apk](https://cdn2.cdnme.se/5447227/9-3/16_64e61dfc9606ee7f98e9879e.png)