Tag: remote-code-execution
-
SAP September 2025 Patch Day fixed 4 critical flaws
SAP issues 21 new and 4 updated security notes, fixing critical NetWeaver flaws enabling RCE and privilege escalation. SAP this week issued 21 new and four updated security notes as part of the company’s September Patch Day, including four notes that address critical vulnerabilities in NetWeaver. Onapsis Research Labs supported SAP in patching two critical…
-
Ivanti Endpoint Manager Vulnerabilities Allow Remote Code Execution by Attackers
Tags: advisory, control, cve, cvss, cyber, endpoint, flaw, ivanti, remote-code-execution, vulnerabilityIvanti released Security Advisory for Endpoint Manager versions 2024 SU3 and 2022 SU8, detailing two high”severity flaws (CVE-2025-9712 and CVE-2025-9872). Both issues stem from insufficient filename validation and require only minimal user interaction, potentially granting full control over affected systems. Vulnerability Overview The two vulnerabilities share identical characteristics and impact: CVE Number Description CVSS Score…
-
Ivanti Endpoint Manager Vulnerabilities Allow Remote Code Execution by Attackers
Tags: advisory, control, cve, cvss, cyber, endpoint, flaw, ivanti, remote-code-execution, vulnerabilityIvanti released Security Advisory for Endpoint Manager versions 2024 SU3 and 2022 SU8, detailing two high”severity flaws (CVE-2025-9712 and CVE-2025-9872). Both issues stem from insufficient filename validation and require only minimal user interaction, potentially granting full control over affected systems. Vulnerability Overview The two vulnerabilities share identical characteristics and impact: CVE Number Description CVSS Score…
-
Zero-Day in Sitecore Exploited to Deploy WEEPSTEEL Malware
Hackers exploit a Sitecore zero-day (CVE-2025-53690) to deploy WEEPSTEEL Malware via ViewState attacks, enabling Remote Code Execution (RCE). First seen on hackread.com Jump to article: hackread.com/zero-day-sitecore-exploited-deploy-weepsteel-malware/
-
Apache Jackrabbit Vulnerability Exposes Systems to Remote Code Execution Attacks
A new security flaw has been discovered in Apache Jackrabbit, a widely used content repository system, potentially exposing thousands of applications to remote code execution (RCE) risks. The vulnerability, tracked asCVE-2025-58782, affects both Apache Jackrabbit Core and Apache Jackrabbit JCR Commons, with severity rated asimportant. The issue arises fromdeserialization of untrusted datawithin JNDI-based repository lookups.…
-
Speicherüberlauf führt zu RCE oder DoS – Konfiguration von Citrix Netscaler schafft Sicherheitslücken
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecken-in-citrix-netscaler-adc-und-gateway-a-e4f033f5440b22845a4489fc64ba5bce/
-
Namespace Reuse Vulnerability Exposes AI Platforms to Remote Code Execution
A newly discovered vulnerability in the AI supply chain”, termed Model Namespace Reuse”, permits attackers to achieve Remote Code Execution (RCE) across major AI platforms, including Microsoft Azure AI Foundry, Google Vertex AI, and thousands of open-source projects. By re-registering abandoned or deleted model namespaces on Hugging Face, malicious actors can trick pipelines that fetch…
-
Chrome 140 Release Fixes Critical RCE Vulnerabilities
Tags: browser, chrome, cyber, google, linux, rce, remote-code-execution, update, vulnerability, windowsGoogle has released Chrome 140 to the stable channel for Windows, Mac, and Linux. This update will roll out to users over the coming days and weeks. The new version, 140.0.7339.80 for Linux and 140.0.7339.80/81 for Windows and Mac, delivers several security fixes and improvements. A full list of changes is available in the Chromium log.…
-
IIS WebDeploy RCE Vulnerability Gets Public PoC
A newly disclosed remote code execution (RCE) vulnerability in Microsoft’s IIS Web Deploy toolchain has captured industry attention after the release of a public proof-of-concept. Tracked as CVE-2025-53772, this flaw resides in the unsafe deserialization logic of the msdeployagentservice and msdeploy.axd endpoints, allowing authenticated attackers to run arbitrary code on vulnerable web servers. IIS Web…
-
Google Web Designer Vulnerability Lets Hackers Take Over Client Systems
Tags: api, cyber, data-breach, flaw, google, hacker, malicious, remote-code-execution, vulnerability, windowsA critical client-side remote code execution (RCE) vulnerability in Google Web Designer exposed Windows users to full system compromise, according to a detailed write-up by security researcher Balint Magyar. Affecting versions prior to 16.4.0.0711 (released July 29, 2025), the flaw allowed attackers to inject malicious CSS into a configuration file and leverage an internal API…
-
Google Web Designer Vulnerability Lets Hackers Take Over Client Systems
Tags: api, cyber, data-breach, flaw, google, hacker, malicious, remote-code-execution, vulnerability, windowsA critical client-side remote code execution (RCE) vulnerability in Google Web Designer exposed Windows users to full system compromise, according to a detailed write-up by security researcher Balint Magyar. Affecting versions prior to 16.4.0.0711 (released July 29, 2025), the flaw allowed attackers to inject malicious CSS into a configuration file and leverage an internal API…
-
Critical ImageMagick Vulnerability Allows Remote Code Execution
Acritical security vulnerabilityhas been discovered in ImageMagick, the widely used open-source image processing software, that could allow attackers to execute arbitrary code remotely. The vulnerability, tracked as CVE-2025-57803 with a severity score of 9.8 out of 10, affects 32-bit builds of ImageMagick versions before 7.1.2-2 and 6.9.13-28. The Vulnerability Details The security flaw stems from a 32-bit…
-
Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server instances still vulnerable to attack via … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/31/week-in-review-300k-plex-media-server-instances-still-vulnerable-to-attack-exploited-git-rce-flaw/
-
Citrix 0-Day Flaw Under Active Exploitation Since May
Tags: attack, citrix, cve, cyber, exploit, flaw, government, remote-code-execution, vulnerability, zero-daySecurity researcher Kevin Beaumont has revealed alarming details about CVE-2025-6543, a critical Citrix NetScaler vulnerability that was actively exploited as a zero-day attack for months before the company issued patches. What Citrix initially downplayed as a simple >>denial of service
-
Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks
Tags: access, advisory, attack, authentication, china, cisa, cisco, credentials, cve, cyber, cybersecurity, data, espionage, exploit, firewall, fortinet, germany, government, identity, infrastructure, injection, ivanti, kev, malicious, microsoft, military, mitigation, mitre, network, remote-code-execution, risk, software, tactics, threat, update, vulnerability, zero-dayAn analysis of Tenable telemetry data shows that the vulnerabilities being exploited by Chinese state-sponsored actors remain unremediated on a considerable number of devices, posing major risk to the organizations that have yet to successfully address these flaws. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ)…
-
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. The flaws, per watchTowr Labs, are listed below -CVE-2025-53693 – HTML cache poisoning through unsafe reflectionsCVE-2025-53691 – Remote code execution (RCE) through insecure deserializationCVE-2025-53694 – First seen on thehackernews.com Jump to…
-
FreePBX Servers Hit by 0-Day Exploit, Disable Internet Access Advised
Tags: access, control, cyber, data-breach, endpoint, exploit, Internet, network, remote-code-execution, vulnerability, zero-dayFreePBX administrators worldwide have been urged to immediately disable public internet access to their systems after a critical 0-day vulnerability was discovered in the commercial Endpoint Manager module. The Sangoma FreePBX Security Team confirmed that attacker-controlled exploit code can gain unauthenticated remote code execution on systems with the Administrator Control Panel exposed to hostile networks,…
-
CISA Issues Alert on Citrix NetScaler 0-Day RCE Exploited in the Wild
Tags: cisa, citrix, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after detecting active exploitation of a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices. Designated CVE-2025-7775, the flaw stems from a memory overflow in NetScaler’s traffic management subsystem and was recently added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog. Evidence…
-
Over 28,000 Citrix Servers at Risk from Active 0-Day RCE Exploit
Tags: citrix, cyber, cybersecurity, exploit, flaw, rce, remote-code-execution, risk, threat, vulnerability, zero-dayAcritical zero-day remote code execution (RCE) vulnerabilityis currently threatening the security of over 28,000 Citrix instances worldwide. The flaw, designated as CVE-2025-7775, is being actively exploited by threat actors, prompting urgent security warnings from cybersecurity authorities and immediate action requirements from organizations running affected systems. Widespread Vulnerability Exposure The Shadowserver Foundation’s latest research reveals alarming statistics…
-
Attackers exploiting NetScaler ADC and Gateway zero day flaw, Citrix warns
Tags: access, advisory, attack, authentication, backdoor, citrix, control, country, cve, cvss, cyber, cybersecurity, exploit, flaw, group, infrastructure, mitigation, rce, remote-code-execution, service, update, vulnerability, zero-dayNetScaler must be configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or service groups bound with IPv6 servers, and those bound with DBS IPv6 services or…
-
Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775
Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation. Experts at the Shadowserver Foundation warn that more than 28,200 Citrix instances are vulnerable to the vulnerability CVE-2025-7775, which is under active exploitation. CVE-2025-7775 (CVSS score: 9.2) is a memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service.…
-
Over 28,000 Citrix devices vulnerable to new exploited RCE flaw
More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-28-200-citrix-instances-vulnerable-to-actively-exploited-rce-bug/
-
CVE-2025-7775: Citrix NetScaler ADC and NetScaler Gateway Zero-Day Remote Code Execution Vulnerability Exploited in the Wild
Citrix has released patches to address a zero-day remote code execution vulnerability in NetScaler ADC and NetScaler Gateway that has been exploited. Organizations are urged to patch immediately. Background On August 26, Citrix published a security advisory for three vulnerabilities, including CVE-2025-7775, a zero-day vulnerability which has been exploited against its NetScaler Application Delivery Controller…
-
Citrix NetScaler ADC and Gateway Hit by Ongoing Attacks Exploiting 0-Day RCE
Cloud Software Group has issued an emergency security bulletin warning of active exploitation targeting three critical vulnerabilities in NetScaler ADC and NetScaler Gateway products. The vulnerabilities, tracked asCVE-2025-7775,CVE-2025-7776, andCVE-2025-8424, present severe security risks including remote code execution and denial of service capabilities. Active Exploitation Confirmed The most severe vulnerability,CVE-2025-7775, carries aCVSS v4.0 score of 9.2and has been…
-
Citrix NetScaler customers hit by third actively exploited zero-day vulnerability since June
The vendor, which has been widely targeted, said the memory-overflow vulnerability can result in remote-code execution or denial of service. First seen on cyberscoop.com Jump to article: cyberscoop.com/citrix-netscaler-zero-day-exploited-august-2025/
-
Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks
Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that was actively exploited in attacks as a zero-day vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/citrix-fixes-critical-netscaler-rce-flaw-exploited-in-zero-day-attacks/
-
Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775
Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild.The vulnerabilities in question are listed below -CVE-2025-7775 (CVSS score: 9.2) – Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-ServiceCVE-2025-7776 (CVSS score: 8.8) – Memory overflow First…
-
Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)
CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/26/git-vulnerability-exploited-cve-2025-48384/
-
U.S. CISA adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, citrix, cve, cybersecurity, exploit, flaw, infrastructure, kev, remote-code-execution, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix Session Recording, and Git flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2024-8069 is a limited remote code execution with privilege…