Tag: cve
-
SonicWall Confirms Exploitation of New SMA Zero-Day
SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild. The post SonicWall Confirms Exploitation of New SMA Zero-Day appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/sonicwall-confirms-exploitation-of-new-sma-zero-day/
-
Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)
Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users. About CVE-2025-24085 CVE-2025-24085 is a use … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/28/apple-zero-day-vulnerability-exploited-to-target-iphone-cve-2025-24085/
-
Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More
Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild.The vulnerability, tracked as CVE-2025-24085, has been described as a use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate…
-
Privacy Roundup: Week 4 of Year 2025
Tags: access, ai, apt, attack, backup, botnet, breach, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, identity, infrastructure, korea, lazarus, leak, login, malicious, malware, north-korea, phishing, phone, privacy, regulation, remote-code-execution, risk, router, scam, service, software, startup, technology, threat, tool, update, virus, vulnerability, windowsThis is a news item roundup of privacy or privacy-related news items for 19 JAN 2025 – 25 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
A pickle in Meta’s LLM code could allow RCE attacks
Tags: ai, attack, breach, cve, cvss, data, data-breach, exploit, flaw, framework, github, LLM, malicious, ml, network, open-source, rce, remote-code-execution, software, supply-chain, technology, theft, vulnerabilityMeta’s large language model (LLM) framework, Llama, suffers a typical open-source coding oversight, potentially allowing arbitrary code execution on servers leading to resource theft, data breaches, and AI model takeover.The flaw, tracked as CVE-2024-50050, is a critical deserialization bug belonging to a class of vulnerabilities arising from the improper use of the open-source library (pyzmq)…
-
DEF CON 32 Bluetooth Blues: Unmasking CVE 2023-52709 The TI BLE5-Stack Attack
Author/Presenter: Kevin Mitchell Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/def-con-32-bluetooth-blues-unmasking-cve-2023-52709-the-ti-ble5-stack-attack/
-
Sophos zeigt effektive Strategien bei der Patch-Priorisierung auf
Die Zahl der bekannten Schwachstellen auch als Common Vulnerabilities and Exposures (CVE) bekannt wächst rasant. 2022 wurden 25.277 CVEs gemeldet, 2023 bereits 29.065. Für 2024 ist ein weiterer Anstieg zu erwarten. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-zeigt-effektive-strategien-bei-der-patch-priorisierung-auf/a39555/
-
Cisco patches antivirus decommissioning bug as exploit code surfaces
Cisco has patched a denial-of-service (DoS) vulnerability affecting its open-source antivirus software toolkit, ClamAV, which already has a proof-of-concept (PoC) exploit code available to the public.Identified as CVE-2025-20128, the vulnerability stems from a heap-based buffer overflow in the Object Linking and Embedding 2 (OLE2) decryption routine, enabling unauthenticated remote attackers to cause a DoS condition…
-
SonicWall Learns From Microsoft About Potentially Exploited Zero-Day
SonicWall has credited Microsoft for reporting CVE-2025-23006, a critical remote command execution vulnerability possibly exploited in the wild. The post SonicWall Learns From Microsoft About Potentially Exploited Zero-Day appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/sonicwall-learns-from-microsoft-about-potentially-exploited-zero-day/
-
SonicWall Arbitrary OS Commands Execution Vulnerability Exploited in Attacks
Tags: advisory, attack, cve, cvss, cyber, exploit, incident response, security-incident, threat, update, vulnerabilityA critical vulnerability in SonicWall’s SMA1000 series tracked as CVE-2025-23006, has come under active exploitation by threat actors. SonicWall’s PSIRT (Product Security Incident Response Team) has issued an urgent advisory urging users to update their systems immediately to mitigate risks. Details of CVE-2025-23006 The vulnerability, which scores an alarming9.8/10on the CVSS v3 severity scale, stems from…
-
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation
SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has been likely exploited in the wild as a zero-day.The vulnerability, tracked as CVE-2025-23006, is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system.”Pre-authentication deserialization of untrusted data vulnerability has…
-
Cisco addresses a critical privilege escalation bug in Meeting Management
Cisco addressed a critical flaw in its Meeting Management that could allow it to gain administrator privileges on vulnerable instances. Cisco released security updates to fix a critical flaw, tracked as CVE-2025-20156 (CVSS score of 9.9) affecting its Meeting Management. A remote, authenticated attacker can exploit the vulnerability to gain administrator privileges on affected instances.…
-
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances.The vulnerability, tracked as CVE-2025-20156, carries a CVSS score of 9.9 out 10.0. It has been described as a privilege escalation flaw in the REST API of Cisco…
-
7-ZIP-Schwachstelle ermöglicht MoW-Bypass
Im Archivprogramm 7-Zip für Windows gibt es eine Schwachstelle, die beim Entpacken von Archiven kritisch werden kann. Die “Mark of Web”-Kennzeichnung für Downloads kann beim Entpacken aufgehoben werden. Es gibt bereits ein Update, um die Schwachstelle zu beseitigen. Schwachstelle CVE-2025-0411 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/01/22/7-zip-schwachstelle-ermoeglicht-mow-bypass/
-
A Record-Breaking Year for CVEs and How Veriti Helped Customers Be Proactive
2024 was a watershed moment in cybersecurity, marked by a staggering surge in CVEs. A record-breaking 40,009 CVEs were published, representing a 38.8% increase over the previous year. This explosive growth in disclosed vulnerabilities brought both challenges and opportunities for organizations aiming to stay ahead of the curve with preemptive cybersecurity. The CVE Explosion in……
-
Oracle Patches 200 Vulnerabilities With January 2025 CPU
Oracle has released 318 new security patches to address roughly 200 unique CVEs as part of its January 2025 Critical Patch Update. The post Oracle Patches 200 Vulnerabilities With January 2025 CPU appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/oracle-patches-200-vulnerabilities-with-january-2025-cpu/
-
48,000+ internet-facing Fortinet firewalls still open to attack
Despite last week’s confirmation of and warnings about long-standing exploitation of CVE-2024-55591, a critical vulnerability affecting Fortinet Fortigate firewalls, too … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/22/48000-internet-facing-fortinet-firewalls-still-open-to-attack/
-
A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature
A vulnerability in the 7-Zip file software allows attackers to bypass the Mark of the Web (MotW) Windows security feature. Attackers can exploit a vulnerability, tracked as CVE-2025-0411, in the free, open-source file archiver software 7-Zip to bypass the Mark of the Web (MotW) Windows security feature. Mark of the Web (MotW) is a security…
-
Three New ICS Advisories Released by CISA Detailing Vulnerabilities Mitigations
The Cybersecurity and Infrastructure Security Agency (CISA) announced three new Industrial Control Systems (ICS) advisories. These advisories provide critical insights into vulnerabilities impacting Traffic Alert and Collision Avoidance Systems (TCAS) II, Siemens SIMATIC S7-1200 CPUs, and ZF Roll Stability Support Plus (RSSPlus). Each advisory includes detailed technical descriptions of the vulnerabilities, associated CVEs, and recommended…
-
Imperva Protects Against the Exploited CVEs in the Cleo Data Theft Attacks
The Clop ransomware group has once again demonstrated its ability to exploit vulnerabilities to compromise sensitive systems. As Cleo”, a managed file transfer provider for businesses”, grapples with the aftermath of Clop’s targeted attack on their systems, the spotlight turns to CVE-2024-50623 and CVE-2024-55956, two critical vulnerabilities that enabled these breaches. In this blog, we’ll…
-
PoC Exploit Released for TP-Link Code Execution Vulnerability(CVE-2024-54887)
A security researcher, exploring reverse engineering and exploit development, has successfully identified a critical vulnerability in the TP-Link TL-WR940N router, specifically affecting hardware versions 3 and 4 with all firmware up to the latest version. This vulnerability, which has been documented as CVE-2024-54887, allows for potential arbitrary remote code execution (RCE) through stack buffer overflow…
-
Brave Browser Vulnerability Allows Malicious Website Appears as Trusted One
A security vulnerability has been identified in Brave Browser, potentially allowing malicious websites to masquerade as trusted ones during file upload or download operations. The issue, tracked under CVE-2025-23086, affects specific versions of the Brave browser on desktop platforms, creating a risk for unsuspecting users. Brave Browser Vulnerability The vulnerability impacts Brave Browser versions 1.70.x…
-
Critical SUSE Linux Distro Injection Vulnerability Allow Attackers Exploits “go-git” Library
A significant security vulnerability, designated CVE-2025-21613, has been discovered in the go-git library, used for Git version control in pure Go applications. This issue affects all versions before 5.13.0 and is characterized by an argument injection vulnerability, enabling potential attackers to modify git-upload-pack flags when utilizing the file transport protocol. This protocol is particularly vulnerable…
-
Apache CXF Vulnerability Triggers DoS Attack
Colm O hEigeartaigh announced a critical vulnerability affecting various versions of Apache CXF, a widely-used framework for building web services. This issue, documented as CVE-2025-23184, poses a significant risk as it can lead to a Denial of Service (DoS) attack due to improper handling of temporary files. The vulnerability has been confirmed in specific versions…
-
PoC Exploit Released for TP-Link Code Execution Vulnerability (CVE-2024-54887)
A serious code execution vulnerability in the TP-Link TL-WR940N router, identified as CVE-2024-54887, has become the focus of intense scrutiny following the release of a proof-of-concept (PoC) exploit. This vulnerability allows attackers to execute arbitrary code on the device remotely without authentication, posing significant risks to network security. The following article provides an overview of…
-
OpenVPN Easy-rsa Vulnerability Allows Attacker to Bruteforce Private CA key
A significant security vulnerability, designated as CVE-2024-13454, has been discovered in the OpenVPN Easy-RSA tool, specifically affecting versions from 3.0.5 to 3.2.0 that utilize OpenSSL 3. This flaw pertains to the incorrect encryption of password-protected Certificate Authority (CA) private keys when using the easyrsa build-ca command. Instead of employing the secureaes-256-cbccipher as intended, Easy-RSA incorrectly defaults to…
-
Vim Command Line Text Editor Segmentation Vulnerability Patched
Christian Brabandt, a prominent figure in the Vim community, announced the patching of a medium-severity segmentation fault vulnerability identified as CVE-2025-24014. The vulnerability, discovered in versions of Vim before 9.1.1043, could potentially be exploited during silent Ex mode operations, which are designed to run without a visible interface. CVE-2025-24014 can be referenced for further details and tracking…
-
Ridding your network of NTLM
Tags: attack, authentication, cloud, crowdstrike, cve, email, encryption, exploit, group, hacker, ibm, Internet, jobs, malicious, microsoft, network, ntlm, password, service, technology, tool, update, vulnerability, windowsMicrosoft has hinted at a possible end to NTLM a few times, but with quite a few Windows 95 or 98 in use that do not support the alternative, Kerberos, it won’t be an easy job to do. There is the option to disable NTLM when using Azure Active Directory but that may not always…