VulnHub

Real-time Cybersecurity News

Articles tagged "Vulnerability"

Found 43 articles

Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share

All CISA Advisories

The Ashlar-Vellum products Cobalt, Xenon, Argon, Lithium, and Cobalt Share have critical vulnerabilities, specifically an Out-of-Bounds Write and a Heap-based Buffer Overflow, which could allow attackers to disclose information or execute arbitrary code. The vulnerabilities have a CVSS v4 score of 8.4, indicating a high severity level, and users are urged to update their software to mitigate risks.

Impact: Affected products include Ashlar-Vellum Cobalt (versions 12.6.1204.207 and prior), Xenon (versions 12.6.1204.207 and prior), Argon (versions 12.6.1204.207 and prior), Lithium (versions 12.6.1204.207 and prior), and Cobalt Share (versions 12.6.1204.207 and prior). The vendor is Ashlar-Vellum.
Remediation: Users are recommended to update to the following versions: Cobalt (versions 12.6.1204.208 or higher), Xenon (versions 12.6.1204.208 or higher), Argon (versions 12.6.1204.208 or higher), Lithium (versions 12.6.1204.208 or higher), and Cobalt Share (versions 12.6.1204.208 or higher). Additionally, users should minimize network exposure for all control system devices, locate control system networks behind firewalls, and use secure remote access methods such as VPNs.
PhishingCVEVulnerabilityUpdateCritical
Read Original
SiRcom SMART Alert (SiSA)

All CISA Advisories

The SiRcom SMART Alert (SiSA) system has a critical vulnerability due to missing authentication for critical functions, allowing unauthorized remote access to backend APIs. This could enable attackers to manipulate emergency sirens, posing a significant risk to public safety and critical infrastructure.

Impact: SiRcom SMART Alert (SiSA): Version 3.0.48
Remediation: Minimize network exposure for control system devices, ensure they are not accessible from the Internet, locate control system networks behind firewalls, use secure remote access methods like VPNs, and perform proper impact analysis and risk assessment before deploying defensive measures.
PhishingCVEVulnerabilityUpdateCritical
Read Original
Zenitel TCIV-3+

All CISA Advisories

The Zenitel TCIV-3+ device has critical vulnerabilities, including OS Command Injection and Cross-site Scripting, with a CVSS v4 score of 10.0, indicating a severe risk of arbitrary code execution and denial-of-service. Users are strongly advised to upgrade to version 9.3.3.0 or later to mitigate these risks.

Impact: Zenitel TCIV-3+ (all versions prior to 9.3.3.0), vulnerabilities include OS Command Injection (CVE-2025-64126, CVE-2025-64127, CVE-2025-64128), Out-of-bounds Write (CVE-2025-64129), and Cross-site Scripting (CVE-2025-64130).
Remediation: Upgrade to Zenitel TCIV-3+ Version 9.3.3.0 or later. Implement defensive measures such as minimizing network exposure for control system devices, using firewalls, and secure remote access methods like VPNs. Conduct proper impact analysis and risk assessment before deploying defensive measures.
CVEVulnerabilityUpdateCritical
Read Original
Rockwell Automation Arena Simulation

All CISA Advisories

Rockwell Automation's Arena Simulation software has a stack-based buffer overflow vulnerability that could allow local attackers to execute arbitrary code. The vulnerability, identified as CVE-2025-11918, has a CVSS v4 score of 7.1, indicating a significant risk for affected installations, particularly in critical manufacturing sectors.

Impact: Affected products include Rockwell Automation's Arena Simulation version 16.20.10 and prior.
Remediation: Users are advised to upgrade Arena Simulation to version 16.20.11 or later. For those unable to upgrade, Rockwell Automation recommends following security best practices. CISA also suggests minimizing network exposure for control systems, using firewalls, and implementing secure remote access methods like VPNs.
PhishingCVEExploitVulnerabilityUpdateCritical
Read Original
ShadowRay 2.0 Turns AI Clusters into Crypto Botnets

darkreading

Actively Exploited

The ShadowRay 2.0 threat actor is exploiting a vulnerability in the Ray framework to commandeer AI infrastructure globally, creating a self-propagating botnet for cryptomining and data theft. This poses a significant risk to AI systems and could lead to extensive data breaches and financial losses.

Impact: Ray framework
Remediation: Implement security patches for the Ray framework, monitor AI infrastructure for unauthorized access, and enhance security protocols to prevent exploitation.
VulnerabilityBotnet
Read Original
Infamous Shai-hulud Worm Resurfaces From the Depths

darkreading

The article discusses a new variant of malware that executes malicious code during the preinstallation phase, posing a significant risk to build and runtime environments. This increase in potential exposure highlights the severity of the threat and the need for immediate attention from cybersecurity professionals.

Impact: N/A
Remediation: Implement security measures during the preinstall phase, conduct thorough code reviews, and ensure robust runtime environment protections.
MalwareVulnerability
Read Original
CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability

SecurityWeek

Actively Exploited

CISA has confirmed the exploitation of a vulnerability in Oracle Identity Manager, identified as CVE-2025-61757, which has been added to its Known Exploited Vulnerabilities catalog. This indicates a significant security risk for organizations using the affected systems, necessitating immediate attention to mitigate potential breaches.

Impact: Oracle Identity Manager
Remediation: Organizations should apply the latest security patches for Oracle Identity Manager as soon as they are available. Additionally, it is recommended to review system configurations and access controls to mitigate risks associated with this vulnerability.
CVEVulnerability
Read Original
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions

The Hacker News

Researchers have identified five critical vulnerabilities in Fluent Bit, a telemetry agent, that could be exploited to compromise cloud infrastructures. These flaws enable attackers to bypass authentication, execute remote code, and cause denial-of-service conditions, posing significant risks to cloud security.

Impact: Fluent Bit
Remediation: Implement security patches as they become available, review configurations for authentication and path traversal vulnerabilities, and monitor systems for unusual activity.
RCECriticalVulnerability
Read Original
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

The Hacker News

Actively Exploited

The ShadowPad malware is exploiting a recently patched vulnerability in Microsoft Windows Server Update Services (WSUS), identified as CVE-2025-59287, allowing attackers to gain full system access. This exploitation highlights the critical need for organizations to promptly apply security updates to vulnerable systems to prevent unauthorized access.

Impact: Microsoft Windows Server Update Services (WSUS) on Windows Servers.
Remediation: Organizations should apply the latest security patches provided by Microsoft for CVE-2025-59287 to mitigate the vulnerability. Additionally, it is recommended to review and secure WSUS configurations and monitor for any unauthorized access attempts.
WindowsCVEMicrosoftVulnerabilityUpdateMalware+1 more
Read Original
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

SecurityWeek

Actively Exploited

A critical unauthenticated remote code execution vulnerability, identified as CVE-2025-61757, has been discovered in Oracle Identity Manager. This flaw poses significant risks as it may be exploited as a zero-day, allowing attackers to execute arbitrary code without authentication.

Impact: Oracle Identity Manager
Remediation: Implement security patches provided by Oracle for Oracle Identity Manager, monitor for updates from Oracle regarding this vulnerability, and apply best practices for securing identity management systems, such as limiting access and regularly auditing system logs.
CVEZero-dayVulnerabilityCritical
Read Original
SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance

SecurityWeek

SonicWall has addressed high-severity vulnerabilities in its firewalls and email security appliances that could lead to denial-of-service attacks, arbitrary code execution, or unauthorized file access. The urgency of these patches highlights the critical nature of securing network infrastructure against potential exploitation.

Impact: SonicWall firewalls, SonicWall email security appliance
Remediation: Apply the latest patches provided by SonicWall for affected products.
CriticalVulnerabilityPatch
Read Original
CISA Adds One Known Exploited Vulnerability to Catalog

All CISA Advisories

Actively Exploited

CISA has added CVE-2025-61757, a critical vulnerability in Oracle Fusion Middleware, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability poses significant risks to federal networks, prompting CISA to urge timely remediation by all organizations to mitigate potential cyberattacks.

Impact: Oracle Fusion Middleware
Remediation: Federal Civilian Executive Branch (FCEB) agencies are required to remediate identified vulnerabilities by the due date as per Binding Operational Directive (BOD) 22-01. Organizations are strongly urged to prioritize timely remediation of vulnerabilities listed in the KEV Catalog to protect against active threats.
CVEVulnerabilityCritical
Read Original
SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability

SecurityWeek

SquareX has alleged a vulnerability in the Comet browser that allows for the execution of local commands through a hidden API, while Perplexity disputes these claims, labeling the research as fake. This disagreement highlights potential security concerns regarding the Comet browser and the credibility of vulnerability disclosures in the cybersecurity community.

Impact: Comet browser
Remediation: N/A
Vulnerability
Read Original
PreviousPage 2 of 3Next