Tag: cve
-
CVE-2024-20439: Critical Cisco Smart Licensing Flaws Exploited
Two Critical Vulnerabilities Expose Administrative Access Two now-patched but previously critical vulnerabilities in Cisco Smart Licensing Utility are being actively exploited in the wild, according to reports from the SANS Internet Storm Center. These flaws affect versions 2.0.0, 2.1.0, and… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-20439-cisco-smart-licensing-flaws/
-
Tomcat RCE Vulnerability Exploited in the Wild Mitigation Steps Outlined
Tags: apache, cve, cyber, cybersecurity, exploit, malicious, mitigation, rce, remote-code-execution, update, vulnerabilityA recent vulnerability in Apache Tomcat, identified as CVE-2025-24813, has sparked concerns among cybersecurity professionals due to its potential for exploitation in unauthenticated remote code execution (RCE), severe information leakage, and malicious content injection. This vulnerability was publicly disclosed on March 10, 2025, along with a patch, and has already seen initial exploit attempts by…
-
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center.The two critical-rated vulnerabilities in question are listed below – CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to…
-
Critical remote code execution flaw patched in Veeam backup servers
Tags: backup, cve, exploit, flaw, framework, programming, rce, remote-code-execution, risk, update, veeam, vulnerabilityWhy black lists are bad: Application developers have gotten in the habit of mitigating deserialization risks by creating blacklists of classes that could be dangerous when deserialized, and as watchTowr explains, this was also Veeam’s approach when addressing CVE-2024-40711. However, history has shown that blacklists are rarely complete.”Blacklists (also known as block-lists or deny-lists) are…
-
Progress Kemp LoadMaster (Load-Balancer) Schwachstelle CVE-2025-1758 (März 2025)
Kurzer Nachtrag und Hinweis für Administratoren, die den Load-Balancer LoadMaster von Progress Kemp verwenden. Zum 10. März 2025 hat der Anbieter mitgeteilt, dass die Schwachstelle CVE-2025-1758 durch ein Sicherheitsupdate geschlossen wurde. Was ist Progress Kemp? Von Progress Kemp gibt es den Load-Balancer LoadMaster, der … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/21/progress-kemp-loadmaster-load-balancer-schwachstellen-maerz-2025/
-
Veeam RCE bug lets domain users hack backup servers, patch now
Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/veeam-rce-bug-lets-domain-users-hack-backup-servers-patch-now/
-
Veeam fixed critical Backup Replication flaw CVE-2025-23120
Veeam released security patches for a critical Backup & Replication vulnerability that could let attackers remotely execute code. Veeam addressed a critical security vulnerability, tracked as CVE-2025-23120 (CVSS score of 9.9), impacting its Backup & Replication software that could lead to remote code execution. The vulnerability impacts 12.3.0.310 and all earlier version 12 builds, it was…
-
CVE-2024-48248: High-Severity NAKIVO Flaw Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency has identified a significant security flaw affecting NAKIVO Backup Replication software, adding it to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation in the wild. The vulnerability, tracked as CVE-2024-48248… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/nakivo-backup-software-flaw-exploited/
-
Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems
Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution.The vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. It affects 12.3.0.310 and all earlier version 12 builds.”A vulnerability allowing remote code execution (RCE) by authenticated domain…
-
New Windows zero-day feared abused in widespread espionage for years
.The zero-day vulnerability, tracked as ZDI-CAN-25373, has yet to be publicly acknowledged and assigned a CVE-ID by Microsoft. ZDI-CAN-25373 has to do with the way Windows displays the contents of .lnk files, a type of binary file used by Windows to act as a shortcut to a file, folder, or application, through the Windows UI.A…
-
Cisco Smart Licensing Utility Vulnerabilities Under Hacker Exploitation
Recent reports indicate that hackers are actively trying to exploit two critical vulnerabilities in the Cisco Smart Licensing Utility. These vulnerabilities, identified as CVE-2024-20439 and CVE-2024-20440, were disclosed by Cisco in September. The first vulnerability involves a static credential issue, while the second is an information disclosure vulnerability related to excessive logging. Overview of the…
-
IBM Warns of AIX Vulnerabilities Allowing Arbitrary Command Execution
IBM has recently issued a critical security warning regarding vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands. The vulnerabilities, identified as CVE-2024-56346 and CVE-2024-56347, were discovered in the IBM AIX nimesis NIM master service and the nimsh service SSL/TLS protection mechanisms. Affected Product The vulnerabilities impact versions 7.2…
-
Hackers Target Cisco Smart Licensing Utility Vulnerabilities
SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440. The post Hackers Target Cisco Smart Licensing Utility Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/hackers-target-cisco-smart-licensing-utility-vulnerabilities/
-
CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to First seen on…
-
CISA Warns of NAKIVO Backup Flaw Exploited in Attacks with PoC Released
Tags: attack, backup, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious vulnerability in the NAKIVO Backup and Replication software, known as CVE-2024-48248. This vulnerability allows attackers to exploit an absolute path traversal flaw, enabling them to read arbitrary files without authentication. The vulnerability resides in the Director Web Interface of the…
-
Critical Veeam Backup Replication Vulnerability Allows Remote Execution of Malicious Code
Tags: backup, cve, cvss, cyber, malicious, remote-code-execution, risk, software, veeam, vulnerabilityA critical vulnerability in Veeam Backup & Replication software has been disclosed, posing a significant risk to users. This vulnerability, identified as CVE-2025-23120, allows remote code execution (RCE) by authenticated domain users. The severity of this issue is underscored by a CVSS v3.1 score of 9.9, indicating a high level of risk. The vulnerability has…
-
Linux Kernel Vulnerability Allows Attackers to Escalate Privileges via OutBounds Write
A recently discovered vulnerability in the Linux kernel, identified as CVE-2025-0927, poses a significant threat to system security. This flaw, present in the HFS+ file system driver, allows attackers to exploit an out-of-bounds write condition, potentially leading to local privilege escalation. The vulnerability can be triggered by manipulating a specially crafted HFS+ filesystem, which, under…
-
Critical Fortinet Vulnerability Draws Fresh Attention
CISA this week added CVE-2025-24472 to its catalog of known exploited vulnerabilities, citing ransomware activity targeting the authentication bypass flaw. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/critical-fortinet-vulnerability-draws-fresh-attention
-
Veeam Backup Replication RCE-Schwachstelle CVE-2025-23120
Nutzer von Veeam Backup & Replication müssen reagieren. Der Anbieter Veeam hat zum 19. März 2025 über eine Remote Code Execution (RCE) Schwachstelle CVE-2025-23120 in verschiedenen Versionen des genannten Produkts informiert. Es gibt Sicherheitsupdates, um diese Schwachstelle zu schließen. Die … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/19/veeam-backup-replication-rce-schwachstelle-cve-2025-23120/
-
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
Tags: breach, cisa, cve, cybersecurity, exploit, flaw, github, infrastructure, kev, malicious, supply-chain, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog.The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote First…
-
Windows File Explorer Vulnerability Enables Network Spoofing Attacks: PoC Released
A critical vulnerability in Windows File Explorer has been discovered, allowing attackers to capture NTLM hashes and potentially exploit them for network spoofing attacks. The vulnerability, identified as CVE-2025-24071, involves the automatic processing of specially crafted .library-ms files within compressed archives like RAR or ZIP. When these files, containing paths to attacker-controlled SMB servers, are extracted, Windows…
-
CISA Issues Security Warning on Fortinet FortiOS Authentication Bypass Exploit
Tags: authentication, cisa, csf, cve, cyber, cybersecurity, exploit, fortinet, infrastructure, threat, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) issued a critical security warning regarding a severe vulnerability in Fortinet’s FortiOS and FortiProxy systems. Specifically, CVE-2025-24472, an authentication bypass vulnerability, poses a significant threat as it allows remote attackers to gain super-admin privileges through carefully crafted CSF proxy requests. This exploit is classified under Common Weakness Enumeration…
-
Critical vulnerability in AMI MegaRAC BMC allows server’ takeover
Tags: access, advisory, api, apt, attack, authentication, control, credentials, cve, cyberespionage, cybersecurity, data, data-breach, endpoint, exploit, firewall, firmware, flaw, group, infrastructure, Internet, linux, malicious, malware, network, ransomware, supply-chain, technology, training, update, vulnerabilityth vulnerability that Eclypsium researchers found in MegaRAC, the BMC firmware implementation from UEFI/BIOS vendor American Megatrends (AMI). BMCs are microcontrollers present on server motherboards that have their own firmware, dedicated memory, power, and network ports and are used for out-of-band management of servers when their main operating systems are shut down.Administrators can access BMCs…
-
ChatGPT SSRF bug quickly becomes a favorite attack vector
Tags: attack, chatgpt, cve, cybersecurity, exploit, finance, flaw, government, threat, vulnerabilityThreat actors exploit a server-side request forgery (SSRF) flaw, tracked as CVE-2024-27564, in ChatGPT, to target US financial and government organizations. Cybersecurity firm Veriti reports that threat actors are exploiting a server-side request forgery (SSRF) vulnerability, tracked as CVE-2024-27564 (CVSS score of 6.5), in ChatGPT to target financial and government organizations in the US. The…
-
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking
A critical security vulnerability has been disclosed in AMI’s MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions.The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity.”A local or remote attacker can exploit the vulnerability by accessing the First seen…
-
Schwachstelle in Tenda-AC7-Routern
CVE-2025-1851 ist eine schwerwiegende Sicherheitslücke, die Tenda-AC7-Router mit Firmware-Versionen bis 15.03.06.44 betrifft. Tenda-AC7 ist ein drahtloser Dualband-Router für den Einsatz in Privathaushalten sowie kleinen und mittelständischen Unternehmen. Die Schwachstelle beim Pufferüberlauf innerhalb der Funktion formSetFirewallCfg ermöglicht es einem Angreifer, eine speziell gestaltete Payload an die Webschnittstelle des Routers zu senden. Bei erfolgreicher Ausnutzung können Angreifer…
-
Tomcat PUT to active abuse as Apache deals with critical RCE flaw
Tags: apache, api, attack, authentication, backdoor, cve, cvss, data, encryption, exploit, flaw, malicious, rce, remote-code-execution, tactics, threat, update, vulnerability) exploit released for the flaw, CVE-2025-24813, just 30 hours after it was publicly disclosed.”A devastating new remote code execution (RCE) vulnerability is now actively exploited in the wild,” Wallarm said in a blog post. “Attackers need just one PUT API request to take over vulnerable Apache Tomcat servers.”PUT API requests are used to update…
-
Hackers Exploit SSRF Vulnerability to Attack OpenAI’s ChatGPT Infrastructure
Tags: attack, chatgpt, cve, cyber, cybersecurity, exploit, hacker, infrastructure, openai, threat, vulnerabilityA critical cybersecurity alert has been issued following the active exploitation of a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. According to the Veriti report, the vulnerability, identified as CVE-2024-27564, has been weaponized by attackers in real-world attacks, highlighting the dangers of underestimating medium-severity vulnerabilities. CVE-2024-27564: Understanding the Threat CVE-2024-27564 allows attackers to…
-
CVE-2025-24813: Actively Exploited Apache Tomcat Vulnerability
A newly disclosed security flaw in Apache Tomcat is being actively exploited, following the release of a public proof-of-concept (PoC) just 30 hours after its disclosure. Affected Apache Tomcat Versions The vulnerability, tracked as CVE-2025-24813, impacts the following versions: Apache… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-24813-actively-exploited-apache-tomcat-vulnerability/
-
PoC Exploit Released for Linux Kernel UseFree Vulnerability
A proof-of-concept (PoC) exploit has been released for a use-after-free vulnerability in the Linux kernel, identified as CVE-2024-36904. This vulnerability is located in the TCP subsystem of the Linux kernel and is caused by the inet_twsk_hashdance() function inserting the time-wait socket into the established hash table before setting its reference counter. CVE Overview CVE-2024-36904 affects the Linux…