Articles tagged "Privilege Escalation"

Found 49 articles

SonicWall has issued a hotfix for a local privilege escalation vulnerability, identified as CVE-2025-40602, that affects its Secure Mobile Access (SMA) 1000 appliances. This flaw is currently being exploited by attackers, particularly in combination with another vulnerability, CVE-2025-23006, which allows for unauthenticated remote code execution with root privileges. Organizations using SMA 1000 appliances are at risk, as this could enable unauthorized access and control over their systems. SonicWall is urging all customers to apply the patch promptly to mitigate the risk of exploitation. The situation highlights the ongoing need for vigilance and timely updates in cybersecurity practices.

Read Original

JumpCloud has identified a vulnerability in its Remote Assist feature for Windows that could allow attackers to escalate privileges locally or launch denial-of-service attacks on managed endpoints. This flaw affects systems running the JumpCloud Windows Agent, posing a risk to organizations that rely on this software for remote management. If exploited, the vulnerability could give unauthorized users elevated access to sensitive system functions, potentially leading to further malicious actions. Users and administrators of JumpCloud services should be aware of this issue and take steps to secure their systems. It's crucial for organizations to stay informed about such vulnerabilities to protect their data and infrastructure.

Read Original
Critical
Opto 22 groov View

All CISA Advisories

The article discusses a vulnerability in Opto 22's groov View that allows for the exposure of sensitive information through metadata, potentially leading to credential and key exposure as well as privilege escalation. This vulnerability, assigned CVE-2025-13084, has a CVSS v4 score of 6.1 and affects multiple versions of groov View, necessitating immediate remediation to mitigate risks.

+1 more
Read Original
PreviousPage 4 of 4