Tag: flaw
-
Ivanti 0-Day RCE Flaw Exploitation Details Revealed
by
in SecurityNews
Tags: cyber, cybersecurity, exploit, flaw, ivanti, rce, remote-code-execution, vulnerability, zero-dayA critical unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-22457, has been disclosed by Ivanti, sparking concerns across the cybersecurity industry. The flaw, which affects several Ivanti products, allows attackers to execute arbitrary code remotely, potentially compromising sensitive enterprise environments. Researchers, including the Rapid7 vulnerability team, have provided a detailed breakdown of how the flaw was exploited and what…
-
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
by
in SecurityNewsA newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure.The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites.”The First seen on…
-
Zero-Day in CentreStack File Sharing Platform Under Attack
Gladinet’s platform is widely used among managed service providers, and a critical deserialization flaw could put MSP customers in jeopardy. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/zero-day-centrestack-platform-under-attack
-
Rogue Account”‘Creation Flaw Leaves 100″¯K WordPress Sites Exposed
by
in SecurityNewsA severe vulnerability has been uncovered in the SureTriggers WordPress plugin, which could leave over 100,000 websites at risk. The issue, discovered by security researcher mikemyers, allows attackers to create rogue administrative users on sites where the plugin is not properly configured. Vulnerability Details This critical flaw, registered as CVE-2025-3102, is rooted in the plugin’s…
-
Hackers target SSRF flaws to steal AWS credentials
by
in SecurityNewsStricter WAF and switching to IMDSv2 can help: The first and foremost remediation F5 researchers said users should apply is migrating to IMDSv2 from IMDSv1. Post-migration, an attacker would be required to supply a secret via a custom header (X-aws-ec2-metadata-token) for successful exploitation.”This fully mitigates exposure of EC2 Metadata via SSRF as SSRF vulnerabilities do…
-
A Seven”‘Year”‘Old Cisco Flaw Now Lets Hackers Execute Code Remotely on Network Gear
by
in SecurityNews
Tags: cisco, credentials, cyber, data-breach, exploit, firmware, flaw, hacker, infrastructure, network, router, service, theft, threatA Cisco’s Smart Install protocol (CVE-2018-0171), first patched in 2018, remains a pervasive threat to global network infrastructure due to widespread misconfigurations and exploitation by state-sponsored threat actors. The flaw allows unauthenticated attackers to execute arbitrary code on Cisco switches and routers via exposed Smart Install Client services, enabling configuration theft, credential harvesting, and firmware…
-
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes
by
in SecurityNewsCybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk.The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) vulnerability that could lead to a container escape attack and allow for First…
-
Hackers attempted to steal AWS credentials using SSRF flaws within hosted sites
by
in SecurityNewsStricter WAF and switching to IMDSv2 can help: The first and foremost remediation F5 researchers said users should apply is migrating to IMDSv2 from IMDSv1. Post-migration, an attacker would be required to supply a secret via a custom header (X-aws-ec2-metadata-token) for successful exploitation.”This fully mitigates exposure of EC2 Metadata via SSRF as SSRF vulnerabilities do…
-
Juniper Networks Patches Dozens of Junos Vulnerabilities
by
in SecurityNewsJuniper Networks has patched two dozen vulnerabilities in Junos OS and Junos OS Evolved, and dozens of flaws in Junos Space third-party dependencies. The post Juniper Networks Patches Dozens of Junos Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/juniper-networks-patches-dozens-of-junos-vulnerabilities/
-
SonicWall Patches Multiple Vulnerabilities in NetExtender Windows Client
by
in SecurityNewsSonicWall has issued a critical alert concerning multiple vulnerabilities discovered in its NetExtender Windows client. These vulnerabilities, identified via several Common Vulnerabilities and Exposures (CVEs), could allow malicious actors to exploit privilege management flaws, trigger local privilege escalation, or manipulate file paths. Users are urged to update their software immediately to mitigate potential risks. Overview…
-
Dell Alerts Users to Critical PowerScale OneFS Flaws Enabling Account Takeover
by
in SecurityNewsDell Technologies has issued an urgent security advisory to its users, warning of several critical vulnerabilities in its PowerScale OneFS operating system. These flaws, if exploited, could allow attackers to take over high-privileged user accounts, bypass authorization controls, and disrupt system operations. The vulnerabilities, tracked under multiple CVEs, range in severity and attack vectors. They…
-
An APT group exploited ESET flaw to execute malware
by
in SecurityNewsAt least one APT group has exploited a vulnerability in ESET software to stealthily execute malware, bypassing security measures. Kaspersky researchers reported that an APT group, tracked as ToddyCat, has exploited a vulnerability in ESET software to stealthily execute malware, bypassing security. The vulnerability, tracked as CVE-2024-11859, is a DLL Search Order Hijacking issue that potentially allow…
-
Langflow AI Builder Vulnerability Allows Remote Server Takeover by Attackers
by
in SecurityNewsA critical security vulnerability has been discovered in the Langflow AI Builder, a popular tool for creating agentic AI workflows. The flaw, tracked as CVE-2025-3248, enables unauthenticated remote attackers to compromise servers running Langflow, potentially leading to full server control. Security researchers have issued a warning about the severity of the issue, urging users to upgrade…
-
FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887)
by
in SecurityNewsFortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/10/fortiswitch-vulnerability-cve-2024-48887/
-
Microsoft Identity Web Flaw Exposes Sensitive Client Secrets and Certificates
by
in SecurityNewsA new vulnerability has been discovered in the Microsoft.Identity.Web NuGet package under specific conditions, potentially exposing sensitive information such as client secrets and certificate details in service logs. The flaw, identified as CVE-2025-32016, has been rated as moderate, prompting developers to urgently address the issue to prevent unintended data exposure. Overview of the Vulnerability: The vulnerability…
-
ToddyCat Hackers Exploit ESET Flaw to Launch Stealthy TCESB Attack
by
in SecurityNewsToddyCat hackers exploit ESET flaw (CVE-2024-11859) to deploy stealthy TCESB malware using DLL hijacking and a vulnerable Dell driver. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/trends/toddycat-hackers-eset-tcesb/
-
CISA Alerts on Actively Exploited Linux Kernel OutBounds Read Flaw
by
in SecurityNewsThe Cybersecurity and Infrastructure Security Agency (CISA) has issued alerts regarding two actively exploited vulnerabilities in the Linux Kernel. The flaws, tagged as CVE-2024-53197 and CVE-2024-53150, both reside in the USB-audio driver. These vulnerabilities could potentially allow attackers to manipulate system memory, escalate privileges, or access sensitive information. CVE-2024-53197: Linux Kernel Out-of-Bounds Access Vulnerability The…
-
Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability
by
in SecurityNewsMicrosoft has released security fixes to address a massive set of 125 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild.Of the 125 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in severity. Forty-nine of these vulnerabilities are classified as…
-
PAN-OS DoS Vulnerability Allows Attackers to Force Repeated Firewall Reboots
by
in SecurityNewsA newly disclosed denial-of-service (DoS) vulnerability in Palo Alto Networks’ PAN-OS software enables attackers to force firewalls into repeated reboots using maliciously crafted packets. Tracked asCVE-2025-0128, the flaw impacts SCEP (Simple Certificate Enrollment Protocol) authentication and poses significant risks to unpatched systems. The vulnerability,CVE-2025-0128, enables unauthenticated attackers to disrupt network operations by sending a single…
-
PAN-OS Command Injection Flaw Lets Hackers Execute Arbitrary Code Remotely
by
in SecurityNewsPalo Alto Networks has disclosed a medium-severity vulnerability (CVE-2025-0127) in its PAN-OS software, enabling authenticated administrators onVM-Series firewallsto execute arbitrary commands with root privileges. The flaw, discovered internally, affects specific legacy PAN-OS versions and requires immediate patching for impacted users. No active exploitation has been reported yet. Key Details of the Vulnerability Summary of the…
-
CrushFTP Exploitation Continues Amid Disclosure Dispute
by
in SecurityNewsAttacks on a critical authentication bypass flaw in CrushFTP’s file transfer product continue this week after duplicate CVEs sparked confusion. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/crushftp-exploitation-disclosure-dispute
-
Flaws in Google Quick Share for Windows addressed via patch
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/flaws-in-google-quick-share-for-windows-addressed-via-patch
-
Malicious code execution possible with patched WhatsApp flaw
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/malicious-code-execution-possible-with-patched-whatsapp-flaw
-
Microsoft fixes 124 flaws, including one under active exploitation
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/microsoft-fixes-124-flaws-including-one-under-active-exploitation
-
Microsoft Warns Ransomware Actors Exploiting Windows Flaw
by
in SecurityNewsTech Giant Says Threat Actors Are Exploiting a Flaw in Widely-Targeted Windows Tool. Ransomware threat actors are exploiting a zero-day vulnerability discovered in a highly targeted Windows logging system tool in a campaign in part targeting U.S. IT and real estate sectors, Microsoft confirmed in a Tuesday blog post urging customers to apply available patches.…
-
Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’
by
in SecurityNewsMicrosoft warns CVE-2025-29824 lets attackers with user access escalate privileges to deploy ransomware via a flaw in Windows CLFS. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-windows-common-log-file-system-vulnerability/
-
Critical Fortinet FortiSwitch flaw allows remote attackers to change admin passwords
by
in SecurityNewsFortinet addressed a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. Fortinet has released security updates to address a critical vulnerability, tracked as CVE-2024-48887 (CVSS score 9.8), in its FortiSwitch devices. A remote attacker can exploit the vulnerability to change administrator passwords. >>An unverified password change vulnerability [CWE-620]…
-
Critical FortiSwitch flaw lets hackers change admin passwords remotely
by
in SecurityNewsFortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-fortiswitch-flaw-lets-hackers-change-admin-passwords-remotely/