Tag: cve

Apple patches zero-day bugs used in targeted iPhone attacks

Mar 12, 2025 4:52 PM

Tags: apple, attack, cve, exploit, flaw, iphone, rce, remote-code-execution, spy, zero-day

Three zero-days within months: This marks Apple’s third zero-day fix since the start of the year, following patches for CVE-2025-24085 in January and CVE-2025-24200 in February.Apple’s leading market share attracts frequent adversarial interest, making a development or configurational mishap extremely punishing. The company suffered a total of twenty bugs in 2023, including the RCE bugs,…
Microsoft patches privilege escalation flaw exploited since 2023

Mar 12, 2025 4:52 PM

Tags: access, advisory, computer, cve, exploit, flaw, Hardware, intelligence, malicious, microsoft, remote-code-execution, software, tool, vulnerability, windows, zero-day

Vulnerabilities in file system drivers: Several of the other zero-day vulnerabilities are related to the Windows NT File System (NTFS) driver. One is a remote code execution flaw that can be triggered by the user mounting a specially crafted VHD (virtual hard disk) that triggers a buffer overflow (CVE-2025-24993).A similar vulnerability, CVE-2025-24985, that can be…
March Patch Tuesday warnings: Act fast to plug zero day holes in Windows, VMware

Mar 12, 2025 4:52 PM

Tags: access, advisory, authentication, cisco, cloud, communications, control, credentials, csf, cve, data, data-breach, exploit, flaw, incident response, infrastructure, microsoft, network, office, remote-code-execution, router, security-incident, service, software, unauthorized, update, vmware, vulnerability, windows, zero-day

Microsoft issues: Windows admins have to deal with patching six zero days, six critical vulnerabilities, plus the hole that already has a publicly available proof-of-concept.”All six of the vulnerabilities that Microsoft has labelled as ‘exploit detected’ are resolved with the monthly cumulative update,” pointed out Tyler Reguly, associate director of security R&D at Fortra. “This…
CVE-2025-24201: Apple Addresses Zero-Day Exploit in WebKit

Mar 12, 2025 4:52 PM

Tags: apple, cve, exploit, flaw, update, vulnerability, zero-day

Apple has released an important security update to fix a newly discovered zero-day vulnerability that has reportedly been exploited in >>extremely sophisticated
New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

Mar 12, 2025 4:52 PM

Tags: botnet, cve, exploit, flaw, injection, jobs, remote-code-execution, router, vulnerability

The Ballista botnet is exploiting an unpatched TP-Link vulnerability, targeting over 6,000 Archer routers, Cato CTRL researchers warn. Cato CTRL researchers observed a new botnet, called Ballista botnet, which is exploiting a remote code execution (RCE) vulnerability, tracked as CVE-2023-1389 (CVSS score 8.8), in TP-Link Archer routers. The CVE-2023-1389 flaw is an unauthenticated command injection…
CISA Issues Advisory on Windows NTFS Flaw Enabling Local Code Execution

Mar 12, 2025 4:52 PM

Tags: advisory, cisa, cve, cyber, cybersecurity, flaw, infrastructure, microsoft, technology, unauthorized, vulnerability, windows

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a significant vulnerability in the Microsoft Windows New Technology File System (NTFS). This security flaw, identified as CVE-2025-24993, involves a heap-based buffer overflow vulnerability. The vulnerability could potentially allow an unauthorized attacker to execute code locally on affected systems. Overview of the…
CISA Issues Security Alert on Windows NTFS Exploit Risk

Mar 12, 2025 4:52 PM

Tags: access, cisa, cve, cyber, cybersecurity, data, exploit, flaw, infrastructure, microsoft, risk, technology, unauthorized, vulnerability, windows

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a recently discovered vulnerability in Microsoft’s Windows New Technology File System (NTFS). Identified as CVE-2025-24991, this security flaw could potentially lead to unauthorized access to sensitive data due to an out-of-bounds read vulnerability. The vulnerability, categorized under CWE-125, highlights a concerning issue…
CISA Warns of Exploitable Fast FAT Vulnerability in Microsoft Windows

Mar 12, 2025 4:52 PM

Tags: cisa, cve, cyber, cybersecurity, infrastructure, microsoft, threat, unauthorized, vulnerability, windows

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a critical vulnerability in the Microsoft Windows Fast FAT File System Driver. This vulnerability, identified as CVE-2025-24985, poses a significant threat as it involves an integer overflow or wraparound issue, which could allow unauthorized attackers to execute harmful code on affected systems. The…
CISA Warns of Microsoft Windows Win32 Kernel Subsystem Vulnerability

Mar 12, 2025 4:52 PM

Tags: cisa, cve, cyber, cybersecurity, infrastructure, microsoft, vulnerability, windows

The Cybersecurity and Infrastructure Security Agency (CISA) highlighted a critical vulnerability affecting the Microsoft Windows Win32 kernel subsystem. Identified as CVE-2025-24983, this use-after-free vulnerability in the Win32k component could potentially allow an authorized attacker to locally elevate privileges. The vulnerability is classified under CWE-416, which addresses issues related to use-after-free conditions that can lead to…
Java Axios Package Vulnerability Threatens Millions of Servers with SSRF Exploit

Mar 12, 2025 4:52 PM

Tags: credentials, cve, cyber, exploit, risk, vulnerability

A critical security issue has been identified in the Axios package for JavaScript, which poses significant risks to millions of servers due to server-side request forgery (SSRF) and credential leakage. This vulnerability occurs when absolute URLs are used in Axios requests, even when abase URLis specified. CVE-2025-27152 Overview The vulnerability associated with Axios is identified…
Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack

Mar 12, 2025 4:52 PM

Tags: attack, cve, cyber, exploit, intelligence, threat, vulnerability

Threat intelligence firm GreyNoise is warning of a “coordinated surge” in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms.”At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts,” the company said, adding it observed the activity on March 9, 2025.The countries which First…
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks

Mar 12, 2025 4:52 PM

Tags: apple, attack, cve, exploit, flaw, malicious, update, vulnerability, zero-day

Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in “extremely sophisticated” attacks.The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component.It has been described as an out-of-bounds write issue that could allow an attacker to craft…
Apple fixed the third actively exploited zero-day of 2025

Mar 12, 2025 12:58 AM

Tags: apple, cve, cyber, exploit, update, vulnerability, zero-day

Apple addressed a zero-day vulnerability, tracked as CVE-2025-24201, that has been exploited in >>extremely sophisticated>extremely sophisticated
Apple discloses zero-day vulnerability, releases emergency patches

Mar 11, 2025 10:56 PM

Tags: apple, cve, software, unauthorized, vulnerability, zero-day

Apple released emergency software patches Tuesday that address a newly identified zero-day vulnerability in the company’s WebKit web browser engine. Tracked as CVE-2025-24201, an attacker can potentially escape the constraints of Webkit’s Web Content sandbox, potentially leading to unauthorized actions. The sandbox is a security feature that isolates untrusted web content in order to prevent…
Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813)

Mar 11, 2025 2:54 PM

Tags: apache, cve, cyber, network, remote-code-execution, vulnerability

Overview Recently, NSFOCUS CERT detected that Apache issued a security announcement and fixed the remote code execution vulnerability of Apache Tomcat (CVE-2025-24813). An unauthenticated attacker can execute arbitrary code to gain server privileges when the application has servlet write enabled (disabled by default), uses Tomcat file session persistence and a default storage location, and contains…The…
Edimax Says No Patches Coming for Zero-Day Exploited by Botnets

Mar 11, 2025 1:54 PM

Tags: botnet, cve, exploit, zero-day

Edimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago. The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/edimax-says-no-patches-coming-for-zero-day-exploited-by-botnets/
RCE-Schwachstelle CVE-2025-24813 in Apache Tomcat

Mar 11, 2025 12:54 PM

Tags: apache, cve, rce, remote-code-execution, vulnerability

Kurze Information für Leser, die für einen Apache Tomcat-Server verantwortlich sind. Es gibt wohl eine Schwachstelle CVE-2025-24813, die eine Remote Code Execution (RCE) ermöglicht. Es sind auch Datenabflüsse möglich daher sollten entsprechende Installationen umgehen aktualisiert werden. Die Schwachstelle CVE-2025-24813 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/11/rce-schwachstelle-cve-2025-24813-in-apache-tomcat/
Apache Camel RCE Vulnerability PoC Exploit Released in GitHub

Mar 11, 2025 12:54 PM

Tags: apache, cve, cyber, exploit, github, rce, remote-code-execution, vulnerability

A Proof of Concept (PoC) exploit for the Apache Camel vulnerability CVE-2025-27636 has been released on GitHub. This vulnerability affects Apache Camel versions 4.10.0-4.10.1, 4.8.0-4.8.4, and 3.10.0-3.22.3, allowing attackers to inject arbitrary headers and potentially execute internal Camel methods, including Remote Code Execution (RCE) via the Camel Exec component. Vulnerability Details The vulnerability arises from…
Companies are drowning in high-risk software security debt, and the breach outlook is getting worse

Mar 11, 2025 9:54 AM

Tags: application-security, automation, best-practice, breach, cloud, cve, cybersecurity, data, flaw, framework, open-source, penetration-testing, programming, regulation, resilience, risk, risk-analysis, software, strategy, supply-chain, training, update, vulnerability, xss

Flaw prevalence: Leading organizations have flaws in fewer than 43% of applications, while lagging organizations exceed 86%.Fix capacity: Leaders resolve over 10% of flaws monthly, whereas laggards address less than 1%.Fix speed: Top performers remediate half of flaws in five weeks; lower-performing organizations take longer than a year.Security debt prevalence: Less than 17% of applications…
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches

Mar 11, 2025 9:54 AM

Tags: authentication, cve, cvss, flaw, update, vulnerability

Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees.The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0.”Multiple Moxa PT switches are vulnerable to an authentication bypass…
CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List

Mar 11, 2025 5:54 AM

Tags: cisa, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild.The list of vulnerabilities is as follows -CVE-2024-57968 – An unrestricted file upload vulnerability in Advantive VeraCore First…
Android Zygote Injection Flaw Lets Attackers Execute Code Gain Elevated Privileges

Mar 10, 2025 7:54 PM

Tags: android, cve, cyber, exploit, flaw, injection, risk, vulnerability

A significant vulnerability in the Android operating system, identified as CVE-2024-31317, has been discovered, allowing attackers to exploit the Zygote process for system-wide code execution and privilege escalation. This flaw affects devices running Android 11 or older, highlighting a critical security risk in the Android ecosystem. Background and Vulnerability Details The Zygote process is a…
Backdoor in Bluetooth-Chip entdeckt

Mar 10, 2025 5:53 PM

Tags: backdoor, bug, computer, cve, cyberattack, iot, supply-chain, vulnerability, wifi

Der Chip ESP32 kommt in zahlreichen Geräten zum Einsatz. Security-Forscher haben nun eine Sicherheitslücke gefunden.Der von der chinesischen Firma Espressif hergestellte ESP32 ist eine wichtige Komponente für die Wi-Fi- und Bluetooth-Konnektivität im IoT-Bereich (Internet of Things). Der Microchip kommt unter anderem in Smartphones, Computern, intelligenten Schlössern und medizinischen Geräten zum Einsatz. Forscher von Tarlogic Security…
Critical PHP vulnerability under widespread cyberattack

Mar 10, 2025 5:53 PM

Tags: cve, cyberattack, data, exploit, vulnerability

Telemetry data shows spikes in exploits of CVE-2024-4577 across several countries in recent months. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-php-vulnerability-under-widespread-cyberattack/742036/
Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

Mar 10, 2025 4:53 PM

Tags: apache, attack, cve, exploit, flaw, remote-code-execution, threat, vulnerability

Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. Over 1,000 attacks detected globally. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. An attacker could exploit the vulnerability to achieve remote code execution on vulnerable servers using Apache and PHP-CGI. The flawCVE-2024-4577(CVSS score: 9.8)is…
Laravel Framework Flaw Allows Attackers to Execute Malicious JavaScript

Mar 10, 2025 1:54 PM

Tags: cve, cyber, flaw, framework, malicious, vulnerability

A significant vulnerability has been identified in the Laravel framework, specifically affecting versions between 11.9.0 and 11.35.1. The issue revolves around improper encoding of request parameters on the error page when the application is running in debug mode, leading to reflected cross-site scripting (XSS). This flaw has been assigned the CVE identifier CVE-2024-13918 and has…
Critical Vulnerabilities in Moxa Switches Enable Unauthorized Access

Mar 10, 2025 12:53 PM

Tags: access, authentication, cve, cyber, exploit, flaw, malicious, network, unauthorized, vulnerability

A critical vulnerability identified as CVE-2024-12297 has been discovered in Moxa’s PT series of network switches, affecting multiple models across different product lines. This security flaw involves an authorization logic disclosure that can be exploited to bypass authentication mechanisms, allowing malicious actors to gain unauthorized access to sensitive configurations, potentially disrupting network services. The vulnerability,…
WinDbg Vulnerability Allows Attackers to Execute Remote Code

Mar 10, 2025 9:53 AM

Tags: cve, cyber, flaw, github, microsoft, remote-code-execution, tool, update, vulnerability

Microsoft recently disclosed a critical vulnerability impacting its debugging tool, WinDbg, and associated .NET packages. Tracked CVE-2025-24043, this flaw allows remote code execution (RCE) due to improper cryptographic signature verification in the SOS debugging extension. According to Github’s Post, Developers using affected versions of specific NuGet packages within .NET Core projects are urged to update…
New Apache Traffic Server Flaws Allow Malformed Request Exploits

Mar 10, 2025 8:53 AM

Tags: access, apache, control, cve, cyber, exploit, flaw, malicious, risk, software, vulnerability

The Apache Software Foundation has disclosed several vulnerabilities affecting its Traffic Server software. These vulnerabilities allow malicious actors to exploit malformed requests and access control list (ACL) issues, posing serious security risks to users. The vulnerabilities, identified by CVE numbersCVE-2024-38311,CVE-2024-56195,CVE-2024-56196, andCVE-2024-56202, havebeen reported byvarious researchers and affect multiple versions of the Apache Traffic Server. Description…
Over 43 Million Python Installations Vulnerable to Dangerous Code Execution Flaw

Mar 10, 2025 6:53 AM

Tags: cve, cyber, exploit, flaw, malicious, remote-code-execution, vulnerability

A significant vulnerability has been uncovered in the Python JSON Logger package (python-json-logger), affecting versions 3.2.0 and 3.2.1. This flaw, CVE-2025-27607 allows for remote code execution (RCE) due to misusing a missing dependency known as msgspec-python313-pre. The issue gained widespread attention due to a recent experiment demonstrating how malicious actors could exploit this vulnerability by claiming…