VulnHub

AI-Powered Cybersecurity Intelligence


Latest Intelligence

All CISA Advisories
Assured Telematics Inc (ATI) Fleet Management System with Geotab Integration

Assured Telematics Inc. has reported a vulnerability in their Fleet Management System that allows unauthorized access to sensitive system information, potentially leading to the exposure of administrative credentials. This issue is significant as it could compromise critical infrastructure in transportation systems worldwide.


Impact: ["Fleet Management System: Versions prior to February 6th, 2025", "Assured Telematics Inc."]

In the Wild: No

Age: Recently disclosed

Remediation: Assured Telematics has fixed the exposure of sensitive information. Users are advised to minimize network exposure and implement secure remote access methods.

CVE Vulnerability Update


All CISA Advisories
Schneider Electric PrismaSeT Active - Wireless Panel Server

The Schneider Electric PrismaSeT Active - Wireless Panel Server has a critical vulnerability (CVE-2023-4041) that allows unauthorized code execution due to a buffer overflow issue, posing risks to voltage loss monitoring. This vulnerability, which has a CVSS score of 9.8, affects all versions of the product and could lead to significant operational disruptions.


Impact: ["PrismaSeT Active - Wireless Panel Server", "Schneider Electric"]

In the Wild: No

Age: Recently disclosed

Remediation: Deactivate Bluetooth Low Energy communication when not in use, review audit logs, check physical security, and follow cybersecurity recommendations.

Phishing CVE Apple Google Exploit Vulnerability Update


All CISA Advisories
Schneider Electric Modicon Controllers

Schneider Electric's Modicon Controllers have a vulnerability that allows unauthenticated attackers to manipulate a controller's webserver URL, potentially leading to a loss of confidentiality. This issue affects multiple product versions and poses a significant risk, particularly in critical infrastructure sectors.


Impact: ["Schneider Electric Modicon Controllers M241", "Schneider Electric Modicon Controllers M251", "Schneider Electric Modicon Controllers M258", "Schneider Electric Modicon Controllers LMC058"]

In the Wild: Unknown

Age: Recently disclosed

Remediation: Update firmware to version 5.3.12.48 for M241/M251; apply mitigations for M258/LMC058 until a fix is available.

Phishing CVE Exploit Vulnerability Update


All CISA Advisories
CISA Releases Thirteen Industrial Control Systems Advisories

CISA has released thirteen advisories addressing vulnerabilities in various Industrial Control Systems (ICS) as of May 20, 2025. These advisories are crucial for enhancing security measures in critical infrastructure, as they inform users of potential exploits and necessary mitigations.


Impact: ["ABUP IoT Cloud Platform", "National Instruments Circuit Design Suite", "Danfoss AK-SM 8xxA Series", "Mitsubishi Electric Iconics Digital Solutions", "Siemens Siveillance Video", "Schneider Electric PrismaSeT Active - Wireless Panel Server", "Schneider Electric Galaxy VS, Galaxy VL, Galaxy VXL", "Schneider Electric Modicon Controllers", "AutomationDirect MB-Gateway", "Vertiv Liebert RDU101 and UNITY", "Assured Telematics Inc (ATI) Fleet Management System with Geotab Integration", "Schneider Electric EcoStruxure Power Monitoring Expert (PME)", "Schneider Electric EcoStruxure Power Build Rapsody"]

In the Wild: Unknown

Age: Recently disclosed

Remediation: CISA encourages users and administrators to review the advisories for technical details and mitigations.

Update


All CISA Advisories
Schneider Electric Galaxy VS, Galaxy VL, Galaxy VXL

Schneider Electric's Galaxy VS, Galaxy VL, and Galaxy VXL products are affected by a critical vulnerability that allows for unauthenticated remote code execution due to missing authentication in the SSH server. This vulnerability poses significant risks to critical infrastructure sectors and requires immediate attention to mitigate potential exploits.


Impact: ["Galaxy VS", "Galaxy VL", "Galaxy VXL"]

In the Wild: No

Age: Recently disclosed

Remediation: Disable SSH server or implement firewall rules; apply patches when available.

Phishing CVE Exploit Vulnerability Update


All CISA Advisories
Siemens Siveillance Video

Siemens Siveillance Video has a vulnerability related to missing encryption of sensitive data, which could allow unauthorized access to system configuration files and affect backup data. The vulnerability, identified as CVE-2025-1688, poses a significant risk as it can be exploited remotely, necessitating immediate attention from users to mitigate potential security breaches.


Impact: ["Siemens Siveillance Video: Versions V24.1 and later"]

In the Wild: No

Age: Recently disclosed

Remediation: Change system configuration password settings; currently no fix available.

Phishing CVE Vulnerability Update


All CISA Advisories
National Instruments Circuit Design Suite

The National Instruments Circuit Design Suite has multiple vulnerabilities, including out-of-bounds writes and reads, as well as a stack-based buffer overflow, which could allow attackers to execute arbitrary code or disclose information. Users are advised to update to version 14.3.1 or later to mitigate these risks.


Impact: ["National Instruments Circuit Design Suite: Versions 14.3.0 and prior"]

In the Wild: No

Age: Recently disclosed

Remediation: Update to version 14.3.1 or later

CVE Exploit Vulnerability Update


The Hacker News
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report

The 2025 State of Pentesting Report highlights the challenges faced by CISOs in managing security alerts and cyber risks, revealing a complex landscape of progress and shifting strategies in the cybersecurity realm. The insights from 500 surveyed CISOs underscore the importance of adapting to evolving threats and improving response mechanisms.


Impact: Not specified

In the Wild: Unknown

Age: Recently disclosed

Remediation: None available


SecurityWeek
CloudSEK Raises $19 Million for Threat Intelligence Platform

CloudSEK, a threat protection and intelligence firm, has successfully raised $19 million in funding from a combination of new and existing investors. This funding is significant as it will enhance their threat intelligence platform, potentially improving cybersecurity measures for organizations.


Impact: Not specified

In the Wild: Unknown

Age: Unknown

Remediation: None available


SecurityWeek
O2 Service Vulnerability Exposed User Location

A vulnerability in O2's implementation of the IMS standard has led to the exposure of user location data in network responses. This issue raises significant privacy concerns for users, as their location information can be accessed through the network.


Impact: ["O2", "IMS standard"]

In the Wild: Unknown

Age: Recently disclosed

Remediation: Vendor advisory pending

Vulnerability


SecurityWeek
Madhu Gottumukkala Officially Announced as CISA Deputy Director

Madhu Gottumukkala has been officially appointed as the Deputy Director of the Cybersecurity and Infrastructure Security Agency (CISA). He joins CISA from the Bureau of Information and Technology in South Dakota, marking a significant leadership change within the agency.


Impact: Not specified

In the Wild: Unknown

Age: Recently disclosed

Remediation: None available


The Hacker News
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

Chinese hackers, identified as UnsolicitedBooker, have been targeting an international organization in Saudi Arabia using a new backdoor called MarsSnake. This multi-year attack highlights the ongoing cybersecurity threats posed by state-aligned actors, emphasizing the need for robust security measures.


Impact: Not specified

In the Wild: Yes

Age: Discovered in March 2023

Remediation: None available

Phishing Threat Actor


The Hacker News
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

A new cryptojacking campaign named RedisRaider is targeting publicly accessible Redis servers to deploy the XMRig miner on Linux hosts. This campaign highlights the risks associated with misconfigured Redis instances and the exploitation of legitimate commands for malicious purposes.


Impact: ["Redis servers", "Linux systems"]

In the Wild: Yes

Age: Recently disclosed

Remediation: Secure Redis configurations and restrict access to prevent unauthorized exploitation.

Linux Malware


The Hacker News
Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Researchers have identified malicious packages on the Python Package Index (PyPI) that exploit TikTok and Instagram APIs to validate stolen email addresses. These packages, which have since been removed, highlight a significant security threat to users of these social media platforms.


Impact: ["TikTok", "Instagram", "Python Package Index (PyPI)"]

In the Wild: Yes

Age: Recently disclosed

Remediation: Packages have been removed from PyPI

Exploit Malware


darkreading
'Operation RoundPress' Targets Ukraine in XSS Webmail Attacks

Operation RoundPress is a cyber-espionage campaign targeting Ukrainian government entities through sophisticated spear-phishing attacks that exploit XSS vulnerabilities. This highlights the ongoing threat to national security and the importance of cybersecurity measures in protecting sensitive information.


Impact: Not specified

In the Wild: Yes

Age: Recently disclosed

Remediation: Implement workarounds

Phishing Exploit
