Tag: remote-code-execution
-
Cisco Confirms Critical CVE-2025-20352 Zero-Day RCE Vulnerability Under Active Exploitation
Tags: attack, cisco, cve, exploit, flaw, incident response, rce, remote-code-execution, security-incident, software, vulnerability, zero-day
Cisco has publicly disclosed a critical remote code execution (RCE) vulnerability, tracked as CVE-2025-20352, affecting its widely deployed Cisco IOS and IOS XE software platforms. According to Cisco’s Product Security Incident Response Team (PSIRT), the flaw is being actively exploited in the wild, with confirmed attacks leveraging compromised administrator credentials. First seen on thecyberexpress.com Jump…
-
Cisco IOS/XE Vulnerability CVE-2025-20352
Cisco published a security advisory on September 24, 2025, concerning Cisco IOS and IOS XE. The Simple Network Management Protocol (SNMP) subsystem of these products contains a denial of service and remote code execution vulnerability, CVE-2025-20352, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/25/cisco-ios-xe-schwachstelle-cve-2025-20352/
-
Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software
Tags: cisco, credentials, cve, dos, exploit, flaw, rce, remote-code-execution, service, software, vulnerability
Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances. The company said the vulnerability, CVE-2025-20352 (CVSS score: 7.7), has been exploited in the wild, adding it became aware of it “after…
-
NVIDIA Merlin Flaw Enables Remote Code Execution with Root Access
A critical vulnerability in NVIDIA’s Merlin Transformers4Rec library allows attackers to achieve remote code execution with root privileges. Discovered by the Trend Micro Zero Day Initiative (ZDI) Threat Hunting Team, the flaw stems from unsafe deserialization in the model checkpoint loading functionality. Tracked as CVE-2025-23298, this vulnerability underscores the persistent security challenges in machine learning…
-
Cisco IOS 0-Day RCE Vulnerability Actively Targeted
Cisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) subsystem and allows both denial-of-service attacks and remote code execution depending on the attacker’s privilege level. Critical SNMP Stack…
-
How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw
Tags: breach, cisa, cve, cybersecurity, exploit, flaw, infrastructure, remote-code-execution, threat, vulnerability
US CISA revealed that threat actors exploited an unpatched vulnerability in GeoServer to breach a U.S. federal civilian agency’s network. Threat actors breached a U.S. federal agency via unpatched GeoServer flaw, tracked as CVE-2024-36401 (CVSS score of 9.8), which is a critical remote code execution (RCE) issue. In mid-July 2024, the U.S. Cybersecurity and Infrastructure…
-
CISA Reveals Hackers Breached U.S. Federal Agency via GeoServer RCE Flaw
Tags: access, breach, cisa, cyber, cybersecurity, detection, endpoint, exploit, flaw, hacker, incident response, Intruder, rce, remote-code-execution, vulnerability
Federal cybersecurity agency CISA has disclosed that attackers exploited a remote code execution vulnerability in GeoServer to breach a U.S. federal civilian executive branch agency. The incident response began after endpoint detection alerts sounded at the agency. Over three weeks, cyber intruders used the flaw to gain initial access, move laterally, and establish persistence across…
-
Third time’s the charm? SolarWinds (again) patches critical Web Help Desk RCE
Or maybe 3 strikes, you’re out? First seen on theregister.com Jump to article: www.theregister.com/2025/09/23/solarwinds_patches_rce/
-
SolarWinds warns over dangerous RCE flaw
A newly-uncovered RCE flaw in SolarWinds’ helpdesk product bypasses two previously-issued fixes, and users should prioritise updates as exploitation is likely to occur. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366631672/SolarWinds-warns-over-dangerous-RCE-flaw
-
SolarWinds releases third patch to fix Web Help Desk RCE bug
SolarWinds has released a hotfix for a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/solarwinds-releases-third-patch-to-fix-web-help-desk-rce-bug/
-
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), has been described as an instance of deserialization of untrusted data that could result in code execution.…
-
HubSpot’s Jinjava Engine Flaw Exposes Thousands of Sites to RCE Attacks
A critical security vulnerability has been discovered in HubSpot’s Jinjava template engine, potentially exposing thousands of websites and applications to remote code execution attacks. The flaw, tracked as CVE-2025-59340, carries the maximum CVSS score of 10.0, indicating the severity of the security risk. Sandbox Bypass Enables Dangerous Exploits The vulnerability stems from a sandbox bypass mechanism…
-
WatchGuard warns of critical vulnerability in Firebox firewalls
WatchGuard has released security updates to address a remote code execution vulnerability impacting the company’s Firebox firewalls. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/watchguard-warns-of-critical-vulnerability-in-firebox-firewalls/
-
Apple patches critical zero-day in ImageIO amid reports of targeted exploits
Attackers shifting to core image services: Attackers seem to be moving focus to image processing modules in core system software, rather than going after obvious network-facing services or applications. Last week, Samsung patched a critical bug (CVE-2025-21043) affecting its supplied image library ‘libimagecodec.quram.so’ that allowed remote code execution via a crafted image with zero user…
-
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover
Tags: access, cybersecurity, exploit, flaw, injection, kubernetes, network, rce, remote-code-execution, vulnerability
Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments. “Attackers need only minimal in-cluster network access to exploit these vulnerabilities, execute the platform’s fault injections (such as shutting down pods or disrupting network communications), and perform First seen on thehackernews.com Jump to…
-
0-Click Linux Kernel KSMBD Vulnerability Enables Remote Code Execution via N-Day Exploit
A recent vulnerability in the Linux Kernel’s KSMBD module allows an attacker to execute arbitrary code on a target system without any user interaction. KSMBD is a kernel-space SMB3 server that handles network file sharing. Researchers demonstrated a stable exploit against KSMBD in Linux 6.1.45, achieving remote code execution (RCE) with a success rate above…
-
CISA warns of actively exploited Dassault RCE vulnerability
Tags: cisa, cybersecurity, exploit, flaw, hacker, infrastructure, rce, remote-code-execution, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers exploiting a critical remote code execution flaw in DELMIA Apriso, a manufacturing operations management (MOM) and execution (MES) solution from French company Dassault Systèmes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-dassault-rce-vulnerability/
-
Samsung fixed actively exploited zero-day
Samsung fixed the remote code execution flaw CVE-2025-21043 that was exploited in zero-day attacks against Android devices. Samsung addressed the remote code execution vulnerability, tracked as CVE-2025-21043, that was exploited in zero-day attacks against Android users. The vulnerability is an out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1. A remote attacker can exploit…
-
Samsung patches actively exploited zero-day reported by WhatsApp
Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/samsung-patches-actively-exploited-zero-day-reported-by-whatsapp/
-
Apple CarPlay RCE Exploit Left Unaddressed in Most Cars
Even when a vulnerability is serious and a fix is available, actually securing cars is more difficult than one would hope. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/apple-carplay-rce-exploit
-
Cursor AI Code Editor RCE Flaw Allows Malicious Code to Autorun on Machines
A critical vulnerability in the Cursor AI Code Editor exposes developers to stealthy remote code execution (RCE) attacks when opening code repositories, security researchers warn. The flaw, discovered by Oasis Security, allows attackers to deliver and run harmful code automatically, with no warning prompt, putting vital secrets and cloud access at risk. Vulnerability Breakdown Cursor,…
-
SAP September 2025 Patch Day fixed 4 critical flaws
SAP issues 21 new and 4 updated security notes, fixing critical NetWeaver flaws enabling RCE and privilege escalation. SAP this week issued 21 new and four updated security notes as part of the company’s September Patch Day, including four notes that address critical vulnerabilities in NetWeaver. Onapsis Research Labs supported SAP in patching two critical…
-
Apple CarPlay Vulnerability Allows Remote Code Execution to Gain Root Access
A newly disclosed vulnerability in Apple’s CarPlay ecosystem enables remote code execution with root privileges, posing a serious risk to connected vehicles. Discovered by the Oligo Security Research team and tracked as CVE-2025-24132, the flaw resides within the AirPlay protocol implementation used by CarPlay systems. CVE ID Affected Components Versions Impacted CVE-2025-24132 AirPlay Audio SDK < 2.7.1…
-
Adobe Releases Emergency Patch for Critical Flaw in Commerce and Magento
The vulnerability, dubbed SessionReaper, allows customer account takeover and unauthenticated remote code execution. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/adobes-emergency-patch-commerce/

