Tag: rce
-
Ivanti 0-Day RCE Flaw Exploitation Details Revealed
Tags: cyber, cybersecurity, exploit, flaw, ivanti, rce, remote-code-execution, vulnerability, zero-dayA critical unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-22457, has been disclosed by Ivanti, sparking concerns across the cybersecurity industry. The flaw, which affects several Ivanti products, allows attackers to execute arbitrary code remotely, potentially compromising sensitive enterprise environments. Researchers, including the Rapid7 vulnerability team, have provided a detailed breakdown of how the flaw was exploited and what…
-
Whatsapp plugs bug allowing RCE with spoofed filenames
Whatsapp makes for a popular attack vector: Whatsapp has been frequently targeted in the past for its popularity as an encrypted chatting platform. With over 10 billion downloads on Google Play Store alone, the platform makes for a lucrative target for threat actors.A similar security oversight was reported in July 2024 to be affecting the…
-
RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406)
A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/09/rce-gladinet-centrestack-file-sharing-exploited-cve-2025-30406/
-
CentreStack RCE exploited as zero-day to breach file sharing servers
Hackers exploited a vulnerability in Gladinet CentreStack’s secure file-sharing software as a zero-day since March to breach storage servers First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/centrestack-rce-exploited-as-zero-day-to-breach-file-sharing-servers/
-
Ivanti Released Security Update With The Fixes for Critical Endpoint Manager RCE Vulnerabilities
Ivanti, a prominent enterprise software provider, has issued an urgent security advisory today addressing multiple vulnerabilities in its Endpoint Manager (EPM) products. The updates for EPM 2024 SU1 and EPM 2022 SU7 resolve six critical and medium-severity flaws that could allow attackers to gain remote access, escalate privileges, or disrupt systems. While no exploitation has…
-
Over 5,000 Ivanti Connect Secure Devices Exposed to RCE Vulnerabilities
Over 5,000 Ivanti Connect Secure devices remain vulnerable to a critical remote code execution (RCE) flaw, according to data from the Shadowserver Foundation. The vulnerability, tracked as CVE-2025-22457, stems from a stack-based buffer overflow issue, enabling unauthenticated attackers to execute arbitrary code remotely. The flaw has already been exploited in the wild, raising alarms across the…
-
Apache Parquet Critical RCE via Deserialization (CVE-2025-30065)
Summary On April 5, 2025, a critical deserialization vulnerability (CVE-2025-30065) affecting Apache Parquet was disclosed. Apache Parquet is an open source, column-oriented data file format First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/04/08/apache-parquet-critical-rce-via-deserialization-cve-2025-30065/
-
RCE Vulnerability in Apache Parquet Poses Risk to Big Data Systems
First seen on scworld.com Jump to article: www.scworld.com/brief/rce-vulnerability-in-apache-parquet-poses-risk-to-big-data-systems
-
Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild
April 5, 2025 Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways. Rated at a CVSS score of 9.0, this stack-based buffer overflow has been actively exploited since mid-March 2025, posing a severe risk to organizations using these […]…
-
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE
No known exploits yet: Neither Endor Labs nor NIST’s NVD entry reported any exploit attempts using CVE-2025-30065 as of publication of this article. Apache silently pushed a fix with the release of 1.15.1 on March 16, 2025, with a GitHub redirect to changes made in the update.Endor Labs advised prompt patching of the vulnerability, which…
-
Max severity RCE flaw discovered in widely used Apache Parquet
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-rce-flaw-discovered-in-widely-used-apache-parquet/
-
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese APT group has exploited CVE-2025-22457 a buffer overflow bug that was previously thought not to be exploitable to compromise appliances … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/03/ivanti-vpn-customers-targeted-via-unrecognized-rce-vulnerability-cve-2025-22457/
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/
-
Google Quick Share Bug Bypasses Allow Zero-Click File Transfer
Google addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced QuickShell silent RCE attack chain against Windows users. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/google-quick-share-bug-bypasses-zero-click-file-transfer
-
An Update on QuickShell: Sharing Is Caring about an RCE Attack Chain on Quick Share
See how a SafeBreach Labs researcher discovered a bypass for a fix to a critical vulnerability they previously reported in Google’s Quick Share data transfer utility. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/an-update-on-quickshell-sharing-is-caring-about-an-rce-attack-chain-on-quick-share/
-
Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands
A critical unauthenticated remote code execution (RCE) vulnerability in HPE Insight Cluster Management Utility (CMU) v8.2 allows attackers to bypass authentication and execute commands as root on high-performance computing (HPC) clusters, researchers revealed today. Tracked as CVE-2024-13804, the flaw exposes HPC environments to full cluster compromise through weaponized Java client applications. Technical Breakdown The vulnerability stems from…
-
Apache Tomcat Vulnerability Exploited to Execute Malicious Arbitrary Code on Servers
A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-24813, is being actively exploited in Apache Tomcat servers. Critical RCE Flaw in Apache Tomcat The flaw allows attackers to upload malicious files via unauthenticated HTTP PUT requests, followed by a GET request to trigger deserialization, leading to arbitrary code execution. Affected versions include Tomcat 9.0.0-M1…
-
PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities
A recently disclosed vulnerability in Ingress-NGINX, tracked as CVE-2025-1974, has raised concerns about the security of Kubernetes environments. This vulnerability allows for Remote Code Execution (RCE) through the validating webhook server integrated into Ingress-NGINX. A Proof of Concept (PoC) exploit has been released, demonstrating how attackers could exploit this flaw. CVE-2025-1974 affects versions of Ingress-NGINX…
-
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2019-9874 (CVSS score: 9.8) – A deserialization vulnerability in the Sitecore.Security.AntiCSRF First seen on thehackernews.com Jump to…
-
Splunk RCE Vulnerability Enables Remote Code Execution via File Upload
A severe vulnerability in Splunk Enterprise and Splunk Cloud Platform has been identified, allowing for Remote Code Execution (RCE) via file uploads. This exploit can be triggered by a low-privileged user, highlighting significant security risks for affected organizations. Vulnerability Overview: The vulnerability, tracked as CVE-2025-20229, has a CVSSv3.1 score of 8.0, classified as High. The…
-
New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit
Researchers at QiAnXin XLab have uncovered a sophisticated Linux-based backdoor dubbed OrpaCrab, specifically targeting industrial systems associated with ORPAK, a company involved in gas stations and oil transportation. The malware, which was uploaded to VirusTotal in January 2024 from the U.S., employs advanced techniques to evade detection and maintain persistence on compromised systems. Exploitation of…
-
Critical RCE flaws put Kubernetes clusters at risk of takeover
Two ways to mitigate the flaws: The best fix is to upgrade the Ingress-NGINX component to one of the patched versions. Admins can determine if it’s being used inside their clusters by typing: kubectl get pods all-namespaces selector app.kubernetes.io/name=ingress-nginxIn situations where an immediate version upgrade is not possible, admins can reduce risk by deleting the…
-
Unauthenticated RCE possible with critical Ingress NGINX flaw
First seen on scworld.com Jump to article: www.scworld.com/brief/unauthenticated-rce-possible-with-critical-ingress-nginx-flaw
-
Zero Day: Russische Firma zahlt für Telegram-Lücken Millionen
Ein russischer Schwachstellenhändler nennt neue Preise für RCE-Lücken in Telegram. Für Exploits gibt es bis zu vier Millionen US-Dollar. First seen on golem.de Jump to article: www.golem.de/news/zero-day-russische-firma-zahlt-millionen-fuer-telegram-luecken-2503-194649.html
-
IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems
Wiz Security finds four critical RCE vulnerabilities in the Ingress NGINX Controller for Kubernetes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ingressnightmare-critical-bugs-40/
-
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet.The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of First seen…
-
Critical Apache Tomcat RCE vulnerability exploited
Attack attempts via;CVE-2025-24813 are underway, but successful attacks require specific, non-default configurations, according to GreyNoise. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-activity-targeting-critical-apache-tomcat-rce-vulnerability/743313/
-
Week in review: Veeam Backup & Replication RCE fixed, free file converter sites deliver malware
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical Veeam Backup Replication RCE vulnerability fixed, patch ASAP! … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/23/week-in-review-veeam-backup-replication-rce-fixed-free-file-converter-sites-deliver-malware/