Tag: remote-code-execution
-
Microsoft fixes critical wormable Windows flaw (CVE-2025-47981)
For July 2025 Patch Tuesday, Microsoft has released patches for 130 vulnerabilities, among them one that’s publicly disclosed (CVE-2025-49719) and a wormable RCE bug on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/09/microsoft-fixes-critical-wormable-windows-flaw-cve-2025-47981/
-
Microsoft Fixes Wormable Remote Code Execution Flaw in Windows and Server
Tags: cve, cyber, flaw, malicious, microsoft, network, remote-code-execution, update, vulnerability, windows
Microsoft has released critical security updates addressing a severe remote code execution vulnerability that could allow attackers to execute malicious code across networks without user interaction. The vulnerability, tracked as CVE-2025-47981, affects Windows client machines running Windows 10 version 1607 and above, potentially exposing millions of systems to cyberattacks. Critical Security Vulnerability Details The SPNEGO Extended…
-
Microsoft Patches 137 CVEs in July, but No Zero-Days
Some 17 of the bugs are at high risk for exploits, including multiple remote code execution bugs in Office and SharePoint. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsoft-patches-137-cves-no-zero-days
-
Microsoft Patches ‘Wormable’ Critical Flaw, Discloses ‘Whopping’ Number Of Bug Fixes
The 130 CVEs (Common Vulnerabilities and Exposures) disclosed in Microsoft’s monthly release of security fixes includes a remote code execution flaw that ‘definitely’ should be prioritized for patching, writes Trend Micro’s Dustin Childs. First seen on crn.com Jump to article: www.crn.com/news/security/2025/microsoft-patches-wormable-critical-flaw-discloses-whopping-number-of-bug-fixes
-
Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Patched, Including 1 Zero-Day and 41 RCE Flaws
Tags: cyber, flaw, microsoft, rce, remote-code-execution, risk, software, update, vulnerability, zero-day
Microsoft released its July 2025 Patch Tuesday security updates on July 8, 2025, addressing 130 vulnerabilities across its software ecosystem, including one publicly disclosed zero-day vulnerability and numerous critical security flaws that pose significant risks to organizations worldwide. The July 2025 security update represents a substantial patch cycle, with 14 vulnerabilities rated as >>Critical
-
FortiOS Buffer Overflow vulnerability Enables Remote Code Execution by Attackers
Fortinet has disclosed a critical security vulnerability in FortiOS that could allow authenticated attackers to execute arbitrary code through a heap-based buffer overflow in the cw_stad daemon, affecting multiple versions of the popular network security operating system. Critical Security Flaw Discovered in FortiOS Fortinet announced today the discovery of a significant security vulnerability, designated as CVE-2025-24477,…
-
MediaTek July 2025 Security Update Addresses Multiple Chipset Vulnerabilities
MediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, including smartphone, tablet, AIoT, smart display, smart platform, OTT, computer vision, audio, and TV chipsets. The July 2025 security update reveals seven high-severity and nine medium-severity vulnerabilities that could potentially compromise device security through various attack vectors including remote code execution,…
-
Call of Duty Gamers Hacked via RCE Exploit Allowing PlayerPlayer Attacks
The Call of Duty team removed the PC edition of Call of Duty: WWII off the internet on Saturday after numerous allegations of a serious security flaw surfaced, which is concerning for the gaming community. The culprit appears to be a Remote Code Execution (RCE) vulnerability, an especially dangerous flaw that enables attackers to execute…
-
macOS SMBClient Flaw Enables Remote Code Execution and Kernel Crashes
A critical vulnerability has been discovered in Apple’s macOS SMBClient, exposing millions of users to the risk of remote code execution (RCE) and potentially catastrophic kernel crashes. Tracked as CVE-2025-24269, this flaw is rated with a CVSS score of 9.8, marking it as one of the most severe security issues to affect the macOS platform in recent…
-
Call of Duty takes PC game offline after multiple reports of RCE attacks on players
Gamemakers have only said they are investigating an unspecified “issue.” Players are posting videos of their computers being compromised. First seen on cyberscoop.com Jump to article: cyberscoop.com/call-of-duty-remote-code-execution-pc-game-offline/
-
Persistent Exploitation of ASP.NET Components Fuels Remote Code Execution Attacks
Context During a recent incident response engagement in June, our team observed an unattributed adversary exploiting a public-facing ASP.NET application, immediately followed by hands-on-keyboard activity. First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/07/07/persistent-exploitation-of-asp-net-components-fuels-remote-code-execution-attacks/
-
Comodo Internet Security 2025 Flaws Allow Remote Code Execution With SYSTEM Privileges
Security researchers have uncovered a series of critical vulnerabilities in Comodo Internet Security 2025, exposing users to remote code execution (RCE) attacks that could grant threat actors SYSTEM-level privileges. These flaws affect Comodo Internet Security Premium version 12.3.4.8162 and potentially other recent releases, putting both individual and enterprise users at risk. CVE ID Vulnerability Type…
-
ScriptCase Vulnerabilities Allow Remote Code Execution and Full Server Compromise
Two critical vulnerabilities have been discovered in ScriptCase, a popular low-code PHP web application generator, which puts thousands of servers at risk of remote code execution and complete compromise. The flaws, tracked as CVE-2025-47227 and CVE-2025-47228, affect the Production Environment module (also known as the >>prod console
-
Critical Vulnerability Discovered in Cisco Unified CM
Tags: bug, cisco, communications, cyberattack, exploit, infrastructure, rce, remote-code-execution, risk, vulnerability
For the second time in a week, Cisco has had to report a vulnerability of the highest severity. Cisco recently reported a vulnerability with the highest severity rating (CVSS 10 out of 10) in its products Unified Communications Manager (Unified CM) and Session Management Edition (Unified CM SME). The affected solutions are core components of telecommunications infrastructure and are used in government agencies, financial institutions and large…
-
Critical HIKVISION applyCT Flaw Allows Remote Code Execution
A newly disclosed vulnerability, tracked as CVE-2025-34067, has been identified in HIKVISION’s widely deployed security management platform, applyCT (also known as HikCentral). This critical flaw allows unauthenticated remote code execution (RCE), putting countless surveillance and security infrastructures at risk across government, commercial, and industrial sectors. Its advanced analytics and scalable architecture make it a popular choice…
-
Hackers Exploit Java Debug Wire Protocol Servers to Deploy Cryptomining Payloads
A sophisticated cyberattack targeting unsecured Java Debug Wire Protocol (JDWP) interfaces on honeypot servers running TeamCity, a popular CI/CD application, has been discovered, according to a startling disclosure from the Wiz Research Team. The team observed that within mere hours of exposing a vulnerable machine, attackers exploited the JDWP interface to achieve remote code execution…
-
Hardcoded root credentials in Cisco Unified CM trigger max-severity alert
Cisco shares tricks to spot exploitation: Cisco said in the advisory that it hasn’t observed any exploitation in the wild, but it has provided a method for customers to detect compromises. Successful logins via the root account would leave traces in system logs located at ‘/var/log/active/syslog/secure’, it said. The advisory even included an example log snippet…
-
Apache Seata Flaw Enables Deserialization of Untrusted Data
A newly disclosed vulnerability in Apache Seata, a popular open-source distributed transaction solution, has raised security concerns for organizations relying on affected versions. The flaw, tracked as CVE-2025-32897, enables the deserialization of untrusted data within the Seata server, potentially exposing systems to remote code execution and other security risks. Vulnerability Overview The vulnerability impacts Apache Seata (incubating) versions 2.0.0…
-
Wing FTP Server Vulnerability Allows Full Server Takeover by Attackers
A newly disclosed critical vulnerability in Wing FTP Server threatens thousands of organizations worldwide, enabling attackers to achieve full server takeover through unauthenticated remote code execution (RCE). The flaw, tracked as CVE-2025-47812, has been assigned a maximum CVSSv4 score of 10.0, underscoring its severity and ease of exploitation. Vulnerability Details The vulnerability, discovered by security researcher Julien Ahrens of RCE Security,…
-
Cl0p Ransomware’s Exfiltration Process Exposes RCE Vulnerability
Tags: computer, cyber, cybercrime, data, data-breach, flaw, group, incident response, ransomware, rce, remote-code-execution, vulnerability
A newly disclosed vulnerability in the Python-based data-exfiltration utility used by the notorious Cl0p ransomware group has exposed the cybercrime operation itself to potential attack. The flaw, cataloged as GCVE-1-2025-0002, was identified by Italian security researcher Lorenzo N and published by the Computer Incident Response Center Luxembourg (CIRCL) on July 1, 2025. Vulnerability Details The…
-
Critical RCE flaw in Anthropic’s MCP inspector exposes developer machines to remote attacks
Chained with a legacy flaw for RCE: Oligo demonstrated that the attack vector combines two independent flaws. Attackers could chain the legacy “0.0.0.0-day” browser flaw, which lets web pages send requests to the 0.0.0.0 address that browsers treat like localhost, to a CSRF-style attack leveraging the Inspector proxy’s vulnerable “/sse” endpoint that accepts commands via query…
-
Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
Experts say they don’t expect the MOVEit menace to do much about it First seen on theregister.com Jump to article: www.theregister.com/2025/07/02/cl0p_rce_vulnerability/
-
Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits
Tags: access, ai, cve, cvss, cybersecurity, exploit, intelligence, remote-code-execution, vulnerability
Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic’s Model Context Protocol (MCP) Inspector project that could result in remote code execution (RCE) and allow an attacker to gain complete access to the hosts. The vulnerability, tracked as CVE-2025-49596, carries a CVSS score of 9.4 out of a maximum of 10.0. “This…
-
Django App Vulnerabilities Allow Remote Code Execution
Security researchers have uncovered severe vulnerabilities in Django that could allow attackers to execute arbitrary code on affected systems. These flaws, ranging from directory traversal to log injection, highlight critical security risks in one of Python’s most popular web frameworks. Recent Security Advisories Django’s security team addressed multiple vulnerabilities in 2025: Exploit Chain: Directory Traversal…
-
Hackers Leverage Critical Langflow Flaw to Deploy Flodrix Botnet and Seize System Control
Tags: ai, botnet, control, cve, cvss, cyber, cyberattack, exploit, flaw, framework, hacker, rce, remote-code-execution, vulnerability
A sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications, to deploy the destructive Flodrix botnet. Identified as CVE-2025-3248 and carrying a near-perfect CVSS score of 9.8, this unauthenticated remote code execution (RCE) flaw impacts Langflow versions prior to 1.3.0. Unveiling a Severe RCE Vulnerability…
-
Critical D-Link Router Flaws Allow Remote Code Execution by Attackers
Tags: cyber, firmware, flaw, Hardware, network, remote-code-execution, risk, router, service, vulnerability
A series of critical security vulnerabilities have been identified in D-Link DIR-816 routers, exposing users worldwide to the risk of remote code execution and network compromise. The flaws affect all hardware revisions and firmware versions of the DIR-816 (non-US), which has reached its End of Life (EOL) and End of Service Life (EOS), meaning no…
-
IBM WebSphere Application Server Vulnerability Allows Remote Code Execution
A critical security vulnerability, tracked as CVE-2025-36038, has been discovered in IBM WebSphere Application Server, exposing organizations to the risk of remote code execution by unauthenticated attackers. This flaw, which affects widely deployed versions 8.5 and 9.0, is rated with a CVSS base score of 9.0, underlining its severity and the urgency for remediation. Vulnerability Details The…
-
Week in review: Backdoor found in SOHO devices running Linux, high-risk WinRAR RCE flaw patched
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Stealthy backdoor found hiding in SOHO devices running Linux … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/29/week-in-review-backdoor-found-in-soho-devices-running-linux-high-risk-winrar-rce-flaw-patched/
-
Some Brother printers have a remote code execution vulnerability, and they can’t fix it
The centerpiece of Rapid7’s disclosure is CVE-2024-51978, a vulnerability rated critical (CVSS 9.8 out of 10) that enables attackers to derive the default administrator password from the device’s serial number. While another of the discovered flaws, a medium severity information disclosure vulnerability (CVE-2024-51977), potentially allows an attacker to leak the prerequisite unique serial number via the…
-
Frequently Asked Questions About Iranian Cyber Operations
Tags: access, advisory, api, apt, attack, authentication, awareness, cisa, cloud, credentials, cve, cyber, cybersecurity, data, data-breach, defense, dos, exploit, finance, framework, government, group, Hardware, identity, infrastructure, injection, Internet, iran, ivanti, malware, mfa, microsoft, middle-east, military, mitre, monitoring, network, password, ransomware, rce, remote-code-execution, risk, service, software, supply-chain, tactics, technology, terrorism, threat, tool, update, vpn, vulnerability, windows
Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding Iranian cyber operations in the wake of the recent conflict and…

