Tag: cve
-
CVE-2025-8355 CVE-2025-8356: Xerox Issues Urgent Fixes for SSRF and RCE Bugs
Xerox Corporation has issued urgent security updates addressing two high-impact vulnerabilities in its FreeFlow Core software. The flaws, now tracked as CVE-2025-8355 and CVE-2025-8356, have the potential to expose enterprise environments to server-side request forgery (SSRF) and remote code execution (RCE) attacks if left unpatched. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/xerox-fixes-cve-2025-8355-and-8356/
-
Windows RPC Protocol Exploited to Launch Server Spoofing Attacks
A vulnerability in Microsoft Windows’ Remote Procedure Call (RPC) protocol has been discovered that allows attackers to manipulate core system communications and launch sophisticated server spoofing attacks. The flaw, designated CVE-2025-49760, enables unprivileged users to masquerade as legitimate system services and potentially escalate privileges or steal sensitive credentials. Security researcher SafeBreach uncovered the vulnerability through…
-
Windows RPC Protocol Exploited to Launch Server Spoofing Attacks
A vulnerability in Microsoft Windows’ Remote Procedure Call (RPC) protocol has been discovered that allows attackers to manipulate core system communications and launch sophisticated server spoofing attacks. The flaw, designated CVE-2025-49760, enables unprivileged users to masquerade as legitimate system services and potentially escalate privileges or steal sensitive credentials. Security researcher SafeBreach uncovered the vulnerability through…
-
Xerox FreeFlow Flaws Enable SSRF and Remote Code Execution
Xerox Corporation has released critical security updates for its FreeFlow Core software, addressing two significant vulnerabilities that could allow attackers to perform server-side request forgery (SSRF) attacks and achieve remote code execution on affected systems. The security flaws, identified as CVE-2025-8355 and CVE-2025-8356, affect FreeFlow Core version 8.0.4 and have been classified as >>IMPORTANT
-
WinRAR Zero-Day Under Active Exploitation Update to Latest Version Immediately
The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day vulnerability.Tracked as CVE-2025-8088 (CVSS score: 8.8), the issue has been described as a case of path traversal affecting the Windows version of the tool that could be exploited to obtain arbitrary code execution by crafting malicious archive…
-
7-Zip Vulnerability Lets Hackers Write Files and Run Malicious Code
A security vulnerability has been discovered in the popular 7-Zip file compression utility that could allow attackers to write arbitrary files to victim systems and potentially execute malicious code. The flaw, tracked as CVE-2025-55188, affects all versions of 7-Zip prior to the recently released version 25.01 and stems from improper handling of symbolic links during…
-
Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation
Cybersecurity researchers have presented new findings related to a now-patched security issue in Microsoft’s Windows Remote Procedure Call (RPC) communication protocol that could be abused by an attacker to conduct spoofing attacks and impersonate a known server.The vulnerability, tracked as CVE-2025-49760 (CVSS score: 3.5), has been described by the tech giant as a Windows Storage…
-
WinRAR Zero-Day CVE-2025-8088 Exploited to Spread RomCom Malware
Critical WinRAR flaw CVE-2025-8088 exploited by Russia-linked hackers to spread RomCom malware, update to version 7.13 now to… First seen on hackread.com Jump to article: hackread.com/winrar-zero-day-cve-2025-8088-spread-romcom-malware/
-
Over 28,000 Microsoft Exchange Servers Exposed Online to CVE-2025-53786 Vulnerability
Tags: access, cve, cvss, cyber, cybersecurity, data, data-breach, flaw, Internet, microsoft, threat, vulnerabilityThe cybersecurity community faces a significant threat as scanning data reveals over 28,000 unpatched Microsoft Exchange servers remain exposed on the public internet, vulnerable to a critical security flaw designated CVE-2025-53786. This high-severity vulnerability, which carries a CVSS score of 8.0 out of 10, enables attackers with administrative access to on-premises Exchange servers to escalate…
-
Critical Linux Kernel Vulnerability Allows Attackers Gain Full Kernel-Level Control From Chrome Sandbox
August 9, 2025: A severe security vulnerability in the Linux kernel, dubbed CVE-2025-38236, has been uncovered by Google Project Zero researcher Jann Horn, exposing a pathway for attackers ranging from native code execution within the Chrome renderer sandbox to full kernel-level control on Linux systems. The flaw, tied to the obscure MSG_OOB feature in UNIX…
-
Über 28.000 ungepatchte hybride Exchange-Instanzen (CVE-2025-53786) online
Microsoft Exchange Server Hybrid-Konfigurationen sind durch die Elevation of Privilege-Schwachstelle Schwachstelle CVE-2025-53786 gefährdet. Über 28.000 Instanzen sind noch ungepatcht. Die US-CISA gibt den Behörden bis Montag, den 11. August 2025 Zeit zum Patchen. Was ist mit Deutschland? 28.000 hybride Exchange-Instanzen … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/09/ueber-28-000-ungepatchte-hybride-exchange-instanzen-cve-2025-53786-online/
-
Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom
WinRAR flaw CVE-2025-8088, fixed in v7.13, was exploited as a zero-day in phishing attacks to install RomCom malware. The WinRAR flaw CVE-2025-8088, a directory traversal bug fixed in version 7.13, was exploited as a zero-day in phishing attacks to deliver RomCom malware, Bleeping Computer first reported. The flaw is a path traversal vulnerability affecting the…
-
WinRARDay für Phishing-Angriffe ausgenutzt
WinRAR-Zero-Day-Lücke CVE-2025-8088: RomCom nutzt eine Schwachstelle für das Phishing jetzt schnell auf Version 7.13 aktualisieren! First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/winrar-zero-day-fuer-phishing-angriffe-ausgenutzt-319329.html
-
ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out
Fargate is comparatively safe: Amazon’s design makes the EC2 host, not the container, the security boundary. When multiple tasks with varying IAM roles share the same EC2, the risk of lateral escalation via ECScape increases. AWS did not immediately respond to CSO’s request for comment.Sweet Security has recommended mitigations that include disabling or restricting IMDS…
-
ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out
Fargate is comparatively safe: Amazon’s design makes the EC2 host, not the container, the security boundary. When multiple tasks with varying IAM roles share the same EC2, the risk of lateral escalation via ECScape increases. AWS did not immediately respond to CSO’s request for comment.Sweet Security has recommended mitigations that include disabling or restricting IMDS…
-
CISA pledges to continue backing CVE Program after April funding fiasco
Federal officials told an audience at the Black Hat conference that the Trump administration fully supports and wants to improve the CVE Program, which is heavily used to track and share cybersecurity vulnerabilities. First seen on therecord.media Jump to article: therecord.media/cisa-pledges-support-cve-program-black-hat
-
August 2025 Patch Tuesday forecast: Try, try again
July turned into a surprisingly busy month. It started slowly with a fairly ‘calm’ Patch Tuesday as I forecasted in my last blog. Although there were 130 new CVEs addressed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/08/august-2025-patch-tuesday-forecast/
-
CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
Tags: access, advisory, attack, authentication, cisa, cloud, cve, cybersecurity, exploit, flaw, identity, infrastructure, microsoft, mitigation, service, vulnerability, zero-dayFrequently asked questions about CVE-2025-53786, an elevation of privilege vulnerability affecting Microsoft Exchange Server Hybrid Deployments. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding an elevation of privilege vulnerability affecting Microsoft Exchange Server Hybrid Deployments. FAQ What is CVE-2025-53786 CVE-2025-53786 is an elevation of privilege…
-
August 2025 Patch Tuesday forecast: Try, try, again
July turned into a surprisingly busy month. It started slowly with a fairly ‘calm’ Patch Tuesday as I forecasted in my last blog. Although there were 130 new CVEs addressed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/08/august-2025-patch-tuesday-forecast/
-
CISA Issues Urgent Advisory to Address Microsoft Exchange Flaw
Tags: advisory, authentication, cisa, cloud, cve, cyber, cybersecurity, flaw, infrastructure, microsoft, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 25-02 on August 7, 2025, requiring federal agencies to immediately address a critical vulnerability in Microsoft Exchange hybrid configurations that could allow attackers to escalate from on-premises systems to cloud environments. Critical Security Vulnerability Discovered CISA has identified a post-authentication vulnerability designated CVE-2025-53786 affecting…
-
CISA Issues Urgent Advisory to Address Microsoft Exchange Flaw
Tags: advisory, authentication, cisa, cloud, cve, cyber, cybersecurity, flaw, infrastructure, microsoft, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 25-02 on August 7, 2025, requiring federal agencies to immediately address a critical vulnerability in Microsoft Exchange hybrid configurations that could allow attackers to escalate from on-premises systems to cloud environments. Critical Security Vulnerability Discovered CISA has identified a post-authentication vulnerability designated CVE-2025-53786 affecting…
-
Microsoft Exchange Server Hybrid durch CVE-2025-53786 gefährdet
Noch ein Hinweis für Administratoren von Microsoft Exchange Server Hybrid-Konfigurationen. Microsoft weist darauf hin, dass diese Konstellationen durch eine Elevation of Privilege-Schwachstelle (CVE-2025-53786) gefährdet seien. Es gibt aber einen Hotfix, um diese Schwachstelle in diesen Hybrid-Konstellationen zu beseitigen und Hinweise, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/07/microsoft-exchange-server-hybrid-durch-cve-2025-53786-gefaehrdet/
-
Microsoft Exchange Server Hybrid durch CVE-2025-53786 gefährdet
Noch ein Hinweis für Administratoren von Microsoft Exchange Server Hybrid-Konfigurationen. Microsoft weist darauf hin, dass diese Konstellationen durch eine Elevation of Privilege-Schwachstelle (CVE-2025-53786) gefährdet seien. Es gibt aber einen Hotfix, um diese Schwachstelle in diesen Hybrid-Konstellationen zu beseitigen und Hinweise, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/07/microsoft-exchange-server-hybrid-durch-cve-2025-53786-gefaehrdet/
-
CISA orders fed agencies to patch new Exchange flaw by Monday
CISA has issued an emergency directive ordering all Federal Civilian Executive Branch (FCEB) agencies to mitigate a critical Microsoft Exchange hybrid vulnerability tracked as CVE-2025-53786 by Monday morning at 9:00 AM ET. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-fed-agencies-to-patch-new-cve-2025-53786-exchange-flaw/
-
Hybrid Exchange environment vulnerability needs fast action
if they haven’t already done so, install the Hot Fix released April 18, or any newer release, on their on-premises Exchange servers and follow the configuration instructions outlined in the document Deploy dedicated Exchange hybrid app. For additional details, they should refer to Exchange Server Security Changes for Hybrid Deployments;then reset the service principal’s keyCredentials. That reset should be…
-
HashiCorp Vault 0-Day Flaws Enable Remote Code Execution Attacks
Tags: attack, authentication, cve, cyber, flaw, open-source, remote-code-execution, vulnerability, zero-dayResearchers at Cyata have disclosed nine previously unknown zero-day vulnerabilities in HashiCorp Vault, a widely adopted open-source secrets management platform, enabling attackers to bypass authentication, escalate privileges, and achieve remote code execution (RCE). These flaws, assigned CVEs through responsible disclosure and patched in collaboration with HashiCorp, stem from subtle logic errors in core components like…
-
CISA, Microsoft warn of critical Exchange hybrid flaw CVE-2025-53786
CISA and Microsoft warn of CVE-2025-53786, a high-severity Exchange flaw allowing privilege escalation in hybrid cloud environments. CISA and Microsoft warn of a high-severity flaw, tracked as CVE-2025-53786, in Exchange hybrid deployments that allows attackers to escalate privileges in cloud setups. Microsoft address the vulnerability in Exchange Server 2016, 2019 and Subscription Edition RTM. The…
-
CISA Warns of ‘ToolShell’ Exploitation Chain Targeting SharePoint Servers; IOCs and Detections Released
Tags: authentication, cisa, cve, cyber, cybersecurity, data, detection, exploit, flaw, infrastructure, injection, microsoft, network, remote-code-execution, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding an exploitation chain dubbed >>ToolShell