Tag: cve
-
Android Security Update Fixes Linux Kernel RCE Flaw Allow Read/Write Access
On February 3, 2025, Google published its February Android Security Bulletin, which addresses a total of 47 vulnerabilities affecting Android devices. Among these, a critical flaw in the Linux kernel’s USB Video Class (UVC) driver, tracked as CVE-2024-53104, has been identified as a significant security risk. This vulnerability allows attackers to execute remote code (RCE),…
-
CVE-2025-21415: Critical Flaw in Azure AI Face Service
Microsoft has addressed two critical security vulnerabilities that posed potential threats to its cloud-based services. The patches resolve security flaws affecting Azure AI Face Service and Microsoft Account, both of which could have allowed malicious actors to escalate privileges under… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-21415-azure-ai-face-service/
-
Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/04/russian-cybercrooks-exploited-7-zip-zero-day-vulnerability-cve-2025-0411/
-
Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections
A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW) protections and execute arbitrary code in the context of the current user. It was addressed by 7-Zip in November 2024 with version 24.09. “The…
-
Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware
A zero-day vulnerability, designated as CVE-2025-0411, has been newly identified in the widely used 7-Zip archiving software. This critical flaw, which was exploited in the wild, is enabling threat actors to bypass vital Windows security protections and deploy SmokeLoader malware. The campaign has predominantly targeted Ukrainian organizations, with experts suspecting links to Russian cybercrime groups amid the…
-
AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access
A security vulnerability has been disclosed in AMD’s Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions. The flaw, tracked as CVE-2024-56161, carries a CVSS score of 7.2 out of 10.0, indicating high severity. “Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker…
-
CVE-2025-0411: 7-Zip Vulnerability Exploited in Attacks on Ukraine
A new report from the Zero Day Initiative (ZDI) Threat Hunting team reveals that Ukrainian organizations have been First seen on securityonline.info Jump to article: securityonline.info/cve-2025-0411-7-zip-vulnerability-exploited-in-attacks-on-ukraine/
-
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score
Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below: CVE-2025-21396 (CVSS score: 7.5) – Microsoft Account Elevation of Privilege Vulnerability; CVE-2025-21415 (CVSS score: 9.9) – Azure AI Face Service First…
-
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC)…
-
Google fixed actively exploited kernel zero-day flaw
The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104, which is actively exploited in attacks in the wild. “There are indications that CVE-2024-53104 may be under limited, targeted exploitation.”
-
768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023
As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year. Describing 2024 as “another banner year for threat actors targeting the exploitation of vulnerabilities,” VulnCheck said 23.6% of known exploited vulnerabilities (KEV) were known to be weaponized…
-
768 CVEs Exploited in the Wild in 2024
VulnCheck observed 768 public reports of CVEs exploited in the wild for the first time in 2024, a 20% rise compared to 2023 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cves-exploited-wild-2024/
-
U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple Multiple Products Use-After-Free Vulnerability, tracked as CVE-2025-24085, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Apple released security updates to address 2025’s first zero-day vulnerability, tracked as CVE-2025-24085, actively exploited…
-
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)
CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/29/zyxel-cpe-devices-under-attack-vulnerability-cve-2024-40891/
-
Hackers exploit critical unpatched flaw in Zyxel CPE devices
Hackers are exploiting a critical command injection vulnerability in Zyxel CPE Series devices that is currently tracked as CVE-2024-40891 and remains unpatched since last July. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-critical-unpatched-flaw-in-zyxel-cpe-devices/
-
Critical remote code execution bug found in Cacti framework
A critical flaw in the Cacti open-source network monitoring and fault management framework could allow remote code execution. Cacti is an open-source platform that provides a robust and extensible operational monitoring and fault management framework for users. A critical vulnerability, tracked as CVE-2025-22604 (CVSS score of 9.1), in the Cacti open-source framework could allow an authenticated…
-
New Aquabot Malware Actively Exploiting Mitel SIP phones injection vulnerability
Akamai’s Security Intelligence and Response Team (SIRT) has uncovered a novel variant of the Mirai-based botnet malware, dubbed Aquabotv3, actively targeting Mitel SIP phones via a critical vulnerability. This marks the third observed iteration of Aquabot, which now showcases unique capabilities not previously seen in Mirai derivatives. The malware exploits CVE-2024-41710, a command injection vulnerability…
-
Attackers actively exploit a critical zero-day in Zyxel CPE Series devices
Experts warn that threat actors are actively exploiting a critical zero-day vulnerability, tracked as CVE-2024-40891, in Zyxel CPE Series devices. GreyNoise researchers are observing active exploitation attempts targeting a zero-day, tracked as CVE-2024-40891, in Zyxel CPE Series devices. The vulnerability is a command injection issue that remains unpatched and has not yet been publicly disclosed. Attackers can exploit…
-
Windows CLFS Buffer Overflow Vulnerability CVE-2024-49138 PoC Released
A recently disclosed Windows kernel-level vulnerability, identified as CVE-2024-49138, has raised significant security concerns in the cybersecurity community. Leveraging a buffer overflow vulnerability within the Windows Common Log File System (CLFS), researchers have released a proof-of-concept (PoC) exploit, showcasing the critical risks associated with the flaw. The vulnerability, which was identified and patched by Microsoft in December…
-
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution
A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0. “Due to a flaw in the multi-line SNMP result…
-
Zyxel CPE Zero-Day (CVE-2024-40891) Exploited in the Wild
Security researchers have raised alarms about active exploitation attempts targeting a newly discovered zero-day command injection vulnerability in Zyxel CPE Series devices, tracked as CVE-2024-40891. This critical vulnerability, which remains unpatched and undisclosed by the vendor, has left over 1,500 devices globally exposed to potential compromise, as reported by Censys. About the Vulnerability CVE-2024-40891 CVE-2024-40891 […]…
-
Attackers exploit SimpleHelp RMM Software flaws for initial access
Threat actors exploit recently fixed SimpleHelp RMM software vulnerabilities to breach targeted networks, experts warn. Horizon3 researchers discovered three vulnerabilities, tracked as CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, that could be used to compromise a SimpleHelp server, as well as client machines being managed by SimpleHelp. The first vulnerability, CVE-2024-57727 (CVSS score of 7.5), is an unauthenticated…
-
TP-Link Router Web Interface XSS Vulnerability PoC Exploit Released
A recently discovered Cross-site Scripting (XSS) vulnerability, CVE-2024-57514, affecting the TP-Link Archer A20 v3 Router has raised security concerns among users. The flaw CVE-2024-57514, identified in firmware version 1.0.6 Build 20231011 rel.85717(5553), allows attackers to execute arbitrary JavaScript code through the router’s web interface, potentially leading to malicious exploitation. Discovery of the Vulnerability The vulnerability stems…
-
Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer
Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access. The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection. “A malicious user with network access may be able to use specially crafted SQL queries…
-
Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability
Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation attempts in the wild. “Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration,” GreyNoise researcher Glenn Thorpe said in an alert First seen on thehackernews.com…
-
PoC Exploit Released for Critical Cacti Vulnerability Let Attackers Code Remotely
A critical vulnerability in the Cacti performance monitoring framework, tracked as CVE-2025-22604, has been disclosed, with a proof-of-concept (PoC) exploit now publicly available. This vulnerability allows authenticated users with device management permissions to execute arbitrary code on the server by exploiting a multi-line SNMP result parser flaw. The vulnerability has been rated as critical with…
-
CISA warns of critical, high-risk flaws in ICS products from four vendors
The US Cybersecurity and Infrastructure Security Alliance has issued advisories for 11 critical and high-risk vulnerabilities in industrial control systems (ICS) products from several manufacturers. The issues include OS command injection, unsafe deserialization of data, use of broken cryptographic algorithms, authentication bypass, improper access controls, use of default credentials, sensitive information leaks, and more. The flaws…
-
VMware fixed a flaw in Avi Load Balancer
VMware fixed a high-risk blind SQL injection vulnerability in Avi Load Balancer, allowing attackers to exploit databases via crafted queries. VMware warns of a high-risk blind SQL injection vulnerability, tracked as CVE-2025-22217 (CVSS score of 8.6), in Avi Load Balancer, allowing attackers with network access to exploit databases via crafted queries. “VMware AVI Load Balancer…
-
Apple zero-day vulnerability under attack on iOS devices
Apple said the zero-day vulnerability, tracked as CVE-2025-24085, affects its Core Media framework and “may have been actively exploited against versions of iOS before iOS 17.2.” First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618572/Apple-zero-day-vulnerability-under-attack-on-iOS-devices
-
iPhone users targeted in Apple’s first zero-day exploit in 2025
Apple iPhone users were targeted for privilege escalation in the zero-day exploitation of a use-after-free vulnerability affecting Apple’s Core Media framework. “A malicious application may be able to elevate privileges,” Apple said in the security update description. “Apple is aware of a report that this issue may have been actively exploited against versions of iOS before…

