Tag: cve
-
Schwachstelle Ursache für Exchange Online- und MS 365-Probleme seit 1. März 2025?
Microsoft kämpft seit einer Woche mit Cloud-Problemen in Exchange Online sowie Microsoft 365 samt der iOS-Outlook-App. Gleichzeitig ist mir gerade die Information zur Schwachstelle CVE-2024-49035 im Microsoft Partner-Portal untergekommen. Nun gibt es Hinweise, dass die Exchange Online-Probleme mit einer Schwachstelle … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/09/schwachstelle-cve-2024-49035-ursache-fuer-exchange-online-und-ms-365-probleme-seit-1-maerz-2025/
-
Über 37.000 VMware ESXi-Server über CVE-2025-22224 angreifbar
Die Woche hat VMware by Broadcom Sicherheitsupdates für diverse Produkte, u.a. VMware ESXi-Server herausgegeben, um Sicherheitslücken zu schließen. Eine Schwachstell wurde bereits als 0-day ausgenutzt. Nun warnt The Shadowserver Foundation, dass über 37.000 VMware ESXi-Server über CVE-2025-22224 angreifbar seien. Deutschland … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/08/ueber-37-000-vmware-esxi-server-ueber-cve-2025-22224-angreifbar/
-
Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras
Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to achieve remote command execution. US CISA warns that multiple botnets are exploiting a recently disclosed vulnerability, tracked as CVE-2025-1316 (CVSS score of 9.8), in Edimax IC-7100 IP cameras. The issue is an Improper Neutralization of Special Elements used in an…
-
Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros
Tags: advisory, ai, awareness, banking, best-practice, business, cloud, compliance, corporate, crime, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, exploit, extortion, finance, fraud, governance, government, group, healthcare, infrastructure, iot, jobs, mail, malicious, microsoft, mitigation, monitoring, network, nis-2, privacy, qr, ransom, ransomware, regulation, resilience, risk, risk-assessment, risk-management, scam, service, strategy, technology, threat, tool, vmware, vulnerability, vulnerability-management, zero-dayCheck out best practices for shoring up data security and reducing cyber risk. Plus, get tips on how to improve job satisfaction among tech staff. Meanwhile, find out why Congress wants federal contractors to adopt vulnerability disclosure programs. And get the latest on cyber scams; zero-day vulnerabilities; and critical infrastructure security. Dive into six things…
-
Threat Actors Exploit PHP-CGI RCE Vulnerability to Attack Windows Machines
Tags: apache, attack, cve, cyber, cybersecurity, exploit, rce, remote-code-execution, threat, vulnerability, windowsA recent cybersecurity threat has emerged where unknown attackers are exploiting a critical remote code execution (RCE) vulnerability in PHP-CGI on Windows systems. This vulnerability, identified as CVE-2024-4577, allows attackers to execute arbitrary PHP code on servers using Apache with a vulnerable PHP-CGI setup. The attackers are primarily targeting organizations in Japan across various sectors,…
-
Multiple Jenkins Vulnerabilities Allow Attackers to Expose Secrets
Jenkins, the widely-used open-source automation server, issued a high-priority security advisory on March 5, 2025, disclosing four medium-severity vulnerabilities affecting its core platform. The flaws”, tracked as CVE-2025-27622 through CVE-2025-27625″, impact secrets management, cross-site request forgery (CSRF) protections, and URL validation. Immediate upgrades to Jenkins 2.500 (weekly) or 2.492.2 (LTS) are recommended to mitigate risks.…
-
Critical Kibana Vulnerability Enabling Remote Code Execution (CVE-2025-25012)
Summary A critical vulnerability, identified as CVE-2025-25012, has been disclosed in Kibana, which enables unauthenticated remote attackers to execute arbitrary code on affected systems. Discovered First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/03/07/critical-kibana-vulnerability-enabling-remote-code-execution-cve-2025-25012/
-
Elastic Issues Urgent Update for Critical Kibana Vulnerability Exposing Remote Code Execution Risk
Elastic has released a critical security update to address a vulnerability in Kibana, a widely used data visualization and analysis tool for Elasticsearch. This Kibana vulnerability, identified as CVE-2025-25012, could allow attackers to execute arbitrary code on affected systems, posing a severe threat to organizations using Kibana. The vulnerability, categorized under the CVSS scoring system…
-
Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets
Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution. The post Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/edimax-camera-zero-day-disclosed-by-cisa-exploited-by-botnets/
-
PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025.”The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines,” Cisco Talos researcher Chetan Raghuprasad said in a…
-
Sicherheitslücken proaktiv erkennen und kompromittierte Systeme identifizieren
Unternehmen stehen täglich vor der Herausforderung, ihre IT-Infrastruktur vor neuen Bedrohungen zu schützen. Eine zentrale Rolle spielt dabei die kontinuierliche Überwachung der Online-Angriffsfläche und potenzieller Angriffspunkte. Ein aktuelles Beispiel für eine kritische Sicherheitslücke ist CVE-2025-23209 im Content-Management-System Craft CMS 4 und 5. Die Schwachstelle birgt große Risiken für Unternehmen und zeigt, wie wichtig es ist,…
-
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-37-000-vmware-esxi-servers-vulnerable-to-ongoing-attacks/
-
CISA Issues Alert on Actively Exploited VMware Vulnerabilities
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, linux, mitigation, threat, vmware, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) escalated warnings on March 4, 2025, by adding four severe vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. Federal agencies and private organizations are urged to prioritize mitigation efforts, as threat actors are actively weaponizing these flaws in VMware ESXi, Workstation, Fusion, and the Linux kernel. CVE-2025-22225:…
-
0-day-Schwachstellen in VMWare ESXi, Workstation und Fusion
Zum 4. März 2025 hat VMware by Broadcom einen Sicherheitshinweis veröffentlicht, um vor drei Zero-Day-Schwachstellen CVE-2025-22224, CVE-2025-22225 und CVE-2025-22226), die bereits in freier Wildbahn ausgenutzt wurden, zu warnen. Patchen ist dringend angesagt. VMware Advisory VMSA-2025-0004 Dem Advisory VMSA-2025-0004 zufolge betreffen die … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/05/0-day-schwachstellen-in-vmware-esxi-workstation-und-fusion/
-
CVE-2025-22224, CVE-2025-22225, CVE-2025-22226: Zero-Day Vulnerabilities in VMware ESXi, Workstation and Fusion Exploited
Tags: advisory, attack, cloud, cve, exploit, flaw, infrastructure, intelligence, leak, microsoft, threat, update, vmware, vulnerability, zero-dayBroadcom published an advisory for three flaws in several VMware products that were exploited in the wild as zero-days. Organizations are advised to apply the available patches. Background On March 4, Broadcom published an advisory (VMSA-2025-0004) for three zero-day vulnerabilities across multiple VMware products: CVE Description CVSSv3 CVE-2025-22224 VMware ESXi and Workstation Heap-Overflow Vulnerability 9.3…
-
U.S. CISA adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog
Tags: android, cisa, cve, cybersecurity, exploit, google, infrastructure, kev, linux, vmware, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel and VMware ESXi and Workstation flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The first issue, tracked as CVE-2024-50302, was addressed by Google with the release of the Android…
-
VMware fixed three actively exploited zero-days in ESX products
Broadcom has addressed three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. Broadcom released security updates to address three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. The flaws, respectively tracked as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, impact multiple VMware ESX products, including VMware ESXi, vSphere,…
-
VMware Security Flaws Exploited in the Wild”, Broadcom Releases Urgent Patches
Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure.The list of vulnerabilities is as follows -CVE-2025-22224 (CVSS score: 9.3) – A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with…
-
Google fixed two actively exploited Android flaws
Android March 2025 security update addresses over 40 vulnerabilities, including two flaws actively exploited in attacks in the wild. Android March 2025 security update addressed over 40 vulnerabilities, including two flaws, respectively tracked as CVE-2024-43093 and CVE-2024-50302, which are actively exploited in attacks in the wild. >>There are indications that the following may be under…
-
Broadcom Patches 3 VMware Zero-Days Exploited in the Wild
Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/broadcom-patches-3-vmware-zero-days-exploited-in-the-wild/
-
CISA Urges Government to Patch Exploited Cisco, Microsoft Flaws
CISA has added five more CVEs into its known exploited vulnerabilities catalog First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-govt-patch-exploited-cisco/
-
Update Alert: Google Warns of Critical Android Vulnerabilities Under Exploit
Tags: android, cve, cyber, exploit, flaw, google, remote-code-execution, risk, update, vulnerabilityGoogle’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities”, CVE-2024-43093 and CVE-2024-50302″, currently under limited, targeted exploitation. These flaws, impacting Android versions 12 through 15, underscore escalating risks for billions of devices. The bulletin mandates the immediate installation of the 2025-03-05 security patch, which resolves remote code execution and privilege escalation threats. Critical…
-
BigAnt Server 0-Day Vulnerability Lets Attackers Run Malicious Code Remotely
A critical vulnerability in BigAntSoft’s enterprise chat server software has exposed ~50 internet-facing systems to unauthenticated remote code execution attacks. Designated CVE-2025-0364, this exploit chain enables attackers to bypass authentication protocols, create administrative accounts, and execute malicious PHP code on vulnerable servers running BigAnt Server v5.6.06 and earlier. CVE-2025-0364: Authentication Bypass to PHP Code Execution The…
-
IBM Storage Virtualize Flaws Allow Remote Code Execution
Two critical security flaws in IBM Storage Virtualize products could enable attackers to bypass authentication protections and execute malicious code on enterprise storage systems, according to a security bulletin issued by the company. Tracked as CVE-2025-0159 and CVE-2025-0160, these vulnerabilities impact the graphical user interface (GUI) components of IBM’s SAN Volume Controller, Storwize, Spectrum Virtualize,…
-
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited”, CISA Sounds Alarm
Tags: cisa, cisco, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, software, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The list of vulnerabilities is as follows -CVE-2023-20118 (CVSS score: 6.5) – A command injection First seen…
-
Paragon Partition Manager Vulnerabilities Allow Attackers to Escalate Privileges and Trigger DoS Attacks
Security researchers have uncovered five significant vulnerabilities in Paragon Partition Manager’s BioNTdrv.sys driver, affecting versions prior to 2.0.0. These flaws, identified as CVE-2025-0285, CVE-2025-0286, CVE-2025-0287, CVE-2025-0288, and CVE-2025-0289, pose serious security risks, enabling attackers to escalate privileges to SYSTEM level and potentially cause denial-of-service (DoS) scenarios. Multiple Critical Flaws Discovered in BioNTdrv.sys Driver The vulnerabilities,…
-
Top CVEs Vulnerabilities February 2025
Cyber threats don’t take a break, and February 2025 proved just that. This month, we saw some serious vulnerabilities that could cause major problems if not patched quickly. From remote… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/top-cves-vulnerabilities-february-2025/