Tag: cve
-
Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software
Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass.The vulnerability, tracked as CVE-2025-0108, carries a CVSS score of 7.8 out of 10.0. The score, however, drops to 5.1 if access to the management interface is restricted to a jump box.”An authentication bypass in the…
-
Hackers Exploit Ivanti Connect Secure Vulnerability to Inject SPAWNCHIMERA malware
Tags: cve, cvss, cyber, cybersecurity, exploit, flaw, hacker, ivanti, malware, remote-code-execution, vulnerability, zero-dayIn a concerning development, cybersecurity experts have identified active exploitation of a critical vulnerability in Ivanti Connect Secure (ICS) appliances, tracked as CVE-2025-0282. This zero-day vulnerability, a stack-based buffer overflow with a CVSS score of 9.0, has been leveraged by attackers to deploy the advanced SPAWNCHIMERA malware. The flaw permits unauthenticated remote code execution, enabling…
-
SonicWall Firewalls Exploit Hijack SSL VPN Sessions to Gain Networks Access
SonicWall firewalls running specific versions of SonicOS are vulnerable to a critical authentication bypass flaw, tracked as CVE-2024-53704, which allows attackers to hijack active SSL VPN sessions. This vulnerability has been classified as high-risk, with a CVSS score of 8.2. It affects SonicOS versions 7.1.x (up to 7.1.1-7058), 7.1.2-7019, and 8.0.0-8035, used in various Gen…
-
Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability
Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container’s isolation protections and gain complete access to the underlying host.The new vulnerability is being tracked as CVE-2025-23359 (CVSS score: 8.3). It affects the following versions -NVIDIA Container Toolkit (All…
-
Fortinet’s FortiOS Vulnerabilities Allow Attackers Trigger RCE and Launch DoS Attack
Fortinet’s FortiOS, the operating system powering its VPN and firewall appliances, has been found vulnerable to multiple security flaws that could allow attackers to execute remote code (RCE) and launch denial-of-service (DoS) attacks. These vulnerabilities, disclosed by Akamai researcher Ben Barnea, were assigned CVE-2024-46666 and CVE-2024-46668. Fortinet released patches on January 14, 2025, to mitigate…
-
U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, vulnerability, windows, zyxelU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The vulnerability CVE-2024-40891 is a command injection issue in Zyxel CPE Series devices that remains unpatched and has not yet…
-
Hackers Can Exploit >>Wormable<< Windows LDAP RCE Vulnerability for Remote Attacks
Tags: access, attack, cve, cyber, cybersecurity, exploit, flaw, hacker, microsoft, network, rce, remote-code-execution, vulnerability, windowsA critical new vulnerability in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP), tagged as CVE-2025-21376, has recently come to light, raising alarms across global cybersecurity circles. The flaw, which has been classified as >>critical,>wormable>Wormable
-
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure Update Now
Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution.The list of vulnerabilities is below -CVE-2024-38657 (CVSS score: 9.1) – External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and…
-
Critical Ivanti CSA Vulnerability Allows Attackers Remote Code Execution to Gain Restricted Access
A critical vulnerability has been discovered in the Ivanti Cloud Services Application (CSA), potentially allowing attackers to execute remote code and access restricted functionality. Ivanti has released an urgent security update to address the issues, tracked as CVE-2024-47908 and CVE-2024-11771, urging customers to upgrade to version 5.0.5 to mitigate the threat. The two vulnerabilities affect…
-
Attackers exploit a new zero-day to hijack Fortinet firewalls
Fortinet warned of attacks using a now-patched zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls. Fortinet warned that threat actors are exploiting a new zero-day vulnerability, tracked as CVE-2025-24472 (CVSS score of 8.1), in FortiOS and FortiProxy to hijack Fortinet firewalls. The vulnerability is an authentication bypass issue that could allow a remote attacker…
-
Apple zero day used in ‘extremely sophisticated attack’
CVE-2025-24200 is a zero-day vulnerability that bypasses Apple’s USB Restricted Mode in iPhones and iPads and was exploited in the wild against ‘specific targeted individuals.’ First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366619044/Apple-zero-day-used-in-extremely-sophisticated-attack
-
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
Tags: access, advisory, android, apt, attack, authentication, best-practice, cve, cyber, data, exploit, firmware, flaw, group, Internet, lazarus, linux, malicious, microsoft, network, north-korea, ntlm, office, rce, remote-code-execution, service, technology, tool, update, vulnerability, windows, zero-day3Critical 52Important 0Moderate 0Low Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild. Microsoft patched 55 CVEs in its February 2025 Patch Tuesday release, with three rated critical and 52 rated as important. Our counts omitted one vulnerability reported by HackerOne. This month’s update…
-
OpenSSL patched high-severity flaw CVE-2024-12797
OpenSSL patched the vulnerability CVE-2024-12797, a high-severity flaw found by Apple that enables man-in-the-middle attacks. The OpenSSL Project addressed a high-severity vulnerability, tracked as CVE-2024-12797, in its secure communications library. The OpenSSL software library allows secure communications over computer networks against eavesdropping or need to identify the party at the other end. OpenSSL contains an open-source implementation…
-
Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)
February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days CVE-2025-21418 and CVE-2025-21391 under … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/11/microsoft-fixes-exploited-zero-days-cve-2025-21418-cve-2025-21391-patch-tuesday/
-
High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks
OpenSSL has patched CVE-2024-12797, a high-severity vulnerability found by Apple that can allow man-in-the-middle attacks. The post High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/high-severity-openssl-vulnerability-found-by-apple-allows-mitm-attacks/
-
Satellite Weather Software Vulnerabilities Let Attackers Execute Code Remotely
IBL Software Engineering has disclosed a significant security vulnerability, identified as CVE-2025-1077, affecting its Visual Weather software and derivative products, including Aero Weather, Satellite Weather, and NAMIS. This vulnerability allows remote, unauthenticated attackers to execute arbitrary Python code on affected servers, posing a severe risk of full system compromise. The issue resides in the Product…
-
Progress Software fixed multiple high-severity LoadMaster flaws
Progress Software fixed multiple vulnerabilities in its LoadMaster software, which could be exploited to execute arbitrary system commands. Progress Software has addressed multiple high-severity security vulnerabilities (CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56134, CVE-2024-56135) in its LoadMaster software. Progress Software’s LoadMaster is a high-performance load balancer and application delivery controller (ADC) designed to optimize the availability, security, and performance of…
-
SonicWall firewall exploit lets hackers hijack VPN sessions, patch now
Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-firewall-exploit-lets-hackers-hijack-vpn-sessions-patch-now/
-
AnyDesk-Schwachstelle CVE-2024-12754: 13.000 Instanzen betroffen
In der Remote-Software AnyDesk gibt es eine Link Following Information Disclosure-Schwachstelle (CVE-2024-12754), die kürzlich bekannt wurde. Nach Recherchen von hunter.io sind über 13.000 AnyDesk-Instanzen von dieser Schwachstelle betroffen. Die Ausnutzung erfordert aber lokale Privilegien. Die Schwachstelle CVE-2024-12754 (AnyDesk Link Following … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/02/11/anydesk-schwachstelle-cve-2024-12754-13-000-instanzen-betroffen/
-
Critical Flaw in Progress LoadMaster Allows Attackers to Execute System Commands
A series of critical security vulnerabilities have been identified in Progress Software’s LoadMaster application, potentially allowing remote attackers to execute system commands or access sensitive files. CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56134, and CVE-2024-56135, affect all current versions of LoadMaster, including Multi-Tenant LoadMaster (MT) deployments, prompting an urgent patch advisory for users. Progress Software has confirmed that no active exploits of these…
-
12,000+ KerioControl Firewalls Exposed to 1-Click RCE Attack
Tags: attack, cve, cyber, cybersecurity, data-breach, exploit, firewall, flaw, rce, remote-code-execution, vulnerabilityCybersecurity researchers caution that over 12,000 instances of GFI KerioControl firewalls remain unpatched and vulnerable to a critical security flaw (CVE-2024-52875) that could be exploited for remote code execution (RCE) with minimal effort. The Shadowserver Foundation has been tracking this vulnerability and issuing daily reports since February 5, 2025. Critical Vulnerability Overview CVE-2024-52875 is a…
-
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update
Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild.Assigned the CVE identifier CVE-2025-24200, the vulnerability has been described as an authorization issue that could make it possible for a malicious actor to disable USB Restricted Mode on a locked…
-
Trimble Cityworks zero-day flaw under attack, patch now
CVE-2025-0994 is a high-severity deserialization vulnerability that enables remote code execution in unpatched versions of Cityworks enterprise asset management software. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366619160/Trimble-Cityworks-zero-day-flaw-under-attack-patch-now
-
Over 12,000 KerioControl firewalls exposed to exploited RCE flaw
Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-12-000-keriocontrol-firewalls-exposed-to-exploited-rce-flaw/
-
Apple fixes iPhone and iPad bug exploited in ‘extremely sophisticated attacks’
Apple released iOS and iPadOS updates to address a zero-day likely exploited in extremely sophisticated attacks targeting specific individuals. Apple released emergency security updates to address a zero-day vulnerability, tracked as CVE-2025-24200, that the company believes was exploited in >>extremely sophisticated
-
Seven-Year-Old Linux Kernel Bug Opens Door to Remote Code Execution
Researchers have uncovered a critical vulnerability in the Linux kernel, dating back seven years, that could allow attackers to execute remote code. The flaw, identified in the core TCP subsystem, was introduced through a race condition in the inet_twsk_hashdance function. This issue, now tracked as CVE-2024-36904, was patched last year after being reported by security…
-
Hackers breach Microsoft IIS services using Cityworks RCE bug
Hackers are exploiting a high-severity remote code execution (RCE) flaw in Cityworks deployments, a GIS-centric asset and work order management software, to execute codes on a customers’ Microsoft web servers.In a coordinated advisory with the US Cybersecurity and Infrastructure Security Agency (CISA), Cityworks’ developer Trimble said that the vulnerability, tracked as CVE-2025-0994 with CVSS rating…