VulnHub

Real-time Cybersecurity News

Articles tagged "CVE"

Found 111 articles

Rockwell Automation Arena Simulation

All CISA Advisories

Rockwell Automation's Arena Simulation software has a stack-based buffer overflow vulnerability that could allow local attackers to execute arbitrary code. The vulnerability, identified as CVE-2025-11918, has a CVSS v4 score of 7.1, indicating a significant risk for affected installations, particularly in critical manufacturing sectors.

Impact: Affected products include Rockwell Automation's Arena Simulation version 16.20.10 and prior.

Remediation: Users are advised to upgrade Arena Simulation to version 16.20.11 or later. For those unable to upgrade, Rockwell Automation recommends following security best practices. CISA also suggests minimizing network exposure for control systems, using firewalls, and implementing secure remote access methods like VPNs.

Phishing CVE Exploit Vulnerability Update Critical

3 months ago

Zenitel TCIV-3+

All CISA Advisories

The Zenitel TCIV-3+ device has critical vulnerabilities, including OS Command Injection and Cross-site Scripting, with a CVSS v4 score of 10.0, indicating a severe risk of arbitrary code execution and denial-of-service. Users are strongly advised to upgrade to version 9.3.3.0 or later to mitigate these risks.

Impact: Zenitel TCIV-3+ (all versions prior to 9.3.3.0), vulnerabilities include OS Command Injection (CVE-2025-64126, CVE-2025-64127, CVE-2025-64128), Out-of-bounds Write (CVE-2025-64129), and Cross-site Scripting (CVE-2025-64130).

Remediation: Upgrade to Zenitel TCIV-3+ Version 9.3.3.0 or later. Implement defensive measures such as minimizing network exposure for control system devices, using firewalls, and secure remote access methods like VPNs. Conduct proper impact analysis and risk assessment before deploying defensive measures.

CVE Vulnerability Update Critical

3 months ago

SiRcom SMART Alert (SiSA)

All CISA Advisories

The SiRcom SMART Alert (SiSA) system has a critical vulnerability due to missing authentication for critical functions, allowing unauthorized remote access to backend APIs. This could enable attackers to manipulate emergency sirens, posing a significant risk to public safety and critical infrastructure.

Impact: SiRcom SMART Alert (SiSA): Version 3.0.48

Remediation: Minimize network exposure for control system devices, ensure they are not accessible from the Internet, locate control system networks behind firewalls, use secure remote access methods like VPNs, and perform proper impact analysis and risk assessment before deploying defensive measures.

Phishing CVE Vulnerability Update Critical

3 months ago

Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share

All CISA Advisories

The Ashlar-Vellum products Cobalt, Xenon, Argon, Lithium, and Cobalt Share have critical vulnerabilities, specifically an Out-of-Bounds Write and a Heap-based Buffer Overflow, which could allow attackers to disclose information or execute arbitrary code. The vulnerabilities have a CVSS v4 score of 8.4, indicating a high severity level, and users are urged to update their software to mitigate risks.

Impact: Affected products include Ashlar-Vellum Cobalt (versions 12.6.1204.207 and prior), Xenon (versions 12.6.1204.207 and prior), Argon (versions 12.6.1204.207 and prior), Lithium (versions 12.6.1204.207 and prior), and Cobalt Share (versions 12.6.1204.207 and prior). The vendor is Ashlar-Vellum.

Remediation: Users are recommended to update to the following versions: Cobalt (versions 12.6.1204.208 or higher), Xenon (versions 12.6.1204.208 or higher), Argon (versions 12.6.1204.208 or higher), Lithium (versions 12.6.1204.208 or higher), and Cobalt Share (versions 12.6.1204.208 or higher). Additionally, users should minimize network exposure for all control system devices, locate control system networks behind firewalls, and use secure remote access methods such as VPNs.

Phishing CVE Vulnerability Update Critical

3 months ago

Opto 22 groov View

All CISA Advisories

The article discusses a vulnerability in Opto 22's groov View that allows for the exposure of sensitive information through metadata, potentially leading to credential and key exposure as well as privilege escalation. This vulnerability, assigned CVE-2025-13084, has a CVSS v4 score of 6.1 and affects multiple versions of groov View, necessitating immediate remediation to mitigate risks.

Impact: Affected products include: groov View Server for Windows (Versions R1.0a to R4.5d), GRV-EPIC-PR1 Firmware (Versions prior to 4.0.3), GRV-EPIC-PR2 Firmware (Versions prior to 4.0.3). Vendor: Opto 22.

Remediation: Opto 22 recommends upgrading to groov View Server for Windows Version R4.5e and GRV-EPIC Firmware Version 4.0.3. Additionally, CISA advises minimizing network exposure for control system devices, using firewalls, securing remote access with VPNs, and performing impact analysis and risk assessment before deploying defensive measures.

Windows CVE Vulnerability Patch Update Privilege Escalation+1 more

3 months ago

Critical Flaw in Oracle Identity Manager Under Exploitation

darkreading

Actively Exploited

The article highlights the exploitation of CVE-2025-61757, which follows a breach of Oracle Cloud and an extortion campaign targeting Oracle E-Business Suite customers. This indicates a significant security threat that could impact numerous organizations relying on Oracle's services.

Impact: Oracle Identity Manager, Oracle Cloud, Oracle E-Business Suite

Remediation: Organizations should apply security patches provided by Oracle for Oracle Identity Manager and Oracle Cloud. Additionally, implementing strong access controls and monitoring for unusual activities can mitigate the risk of exploitation.

3 months ago

CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability

SecurityWeek

Actively Exploited

CISA has confirmed the exploitation of a vulnerability in Oracle Identity Manager, identified as CVE-2025-61757, which has been added to its Known Exploited Vulnerabilities catalog. This indicates a significant security risk for organizations using the affected systems, necessitating immediate attention to mitigate potential breaches.

Impact: Oracle Identity Manager

Remediation: Organizations should apply the latest security patches for Oracle Identity Manager as soon as they are available. Additionally, it is recommended to review system configurations and access controls to mitigate risks associated with this vulnerability.

CVE Vulnerability

3 months ago

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

The Hacker News

Actively Exploited

The ShadowPad malware is exploiting a recently patched vulnerability in Microsoft Windows Server Update Services (WSUS), identified as CVE-2025-59287, allowing attackers to gain full system access. This exploitation highlights the critical need for organizations to promptly apply security updates to vulnerable systems to prevent unauthorized access.

Impact: Microsoft Windows Server Update Services (WSUS) on Windows Servers.

Remediation: Organizations should apply the latest security patches provided by Microsoft for CVE-2025-59287 to mitigate the vulnerability. Additionally, it is recommended to review and secure WSUS configurations and monitor for any unauthorized access attempts.

Windows CVE Vulnerability Update Malware Critical

3 months ago

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

The Hacker News

Actively Exploited

CISA has identified a critical security vulnerability in Oracle Identity Manager, classified as CVE-2025-61757, which is actively being exploited. This vulnerability involves missing authentication for a critical function, posing significant security risks.

Impact: Oracle Identity Manager

Remediation: N/A

CVE Zero-day Vulnerability Critical

3 months ago

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

The Hacker News

Grafana has issued security updates to fix a critical vulnerability, CVE-2025-41115, with a CVSS score of 10.0. This flaw in the SCIM component can lead to privilege escalation and user impersonation under specific configurations.

Impact: Grafana

Remediation: Apply security updates provided by Grafana.

CVE Vulnerability Privilege Escalation Critical

3 months ago

Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day

SecurityWeek

Actively Exploited

A critical unauthenticated remote code execution vulnerability, identified as CVE-2025-61757, has been discovered in Oracle Identity Manager. This flaw poses significant risks as it may be exploited as a zero-day, allowing attackers to execute arbitrary code without authentication.

Impact: Oracle Identity Manager

Remediation: Implement security patches provided by Oracle for Oracle Identity Manager, monitor for updates from Oracle regarding this vulnerability, and apply best practices for securing identity management systems, such as limiting access and regularly auditing system logs.

CVE Zero-day Vulnerability Critical

3 months ago

CISA Adds One Known Exploited Vulnerability to Catalog

All CISA Advisories

Actively Exploited

CISA has added CVE-2025-61757, a critical vulnerability in Oracle Fusion Middleware, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability poses significant risks to federal networks, prompting CISA to urge timely remediation by all organizations to mitigate potential cyberattacks.

Impact: Oracle Fusion Middleware

Remediation: Federal Civilian Executive Branch (FCEB) agencies are required to remediate identified vulnerabilities by the due date as per Binding Operational Directive (BOD) 22-01. Organizations are strongly urged to prioritize timely remediation of vulnerabilities listed in the KEV Catalog to protect against active threats.

CVE Vulnerability Critical

3 months ago

Automated Logic WebCTRL Premium Server

All CISA Advisories

The Automated Logic WebCTRL Premium Server has critical vulnerabilities, including an Open Redirect and Cross-site Scripting, with a CVSS v4 score of 8.6. Successful exploitation could allow remote attackers to redirect users to malicious sites or execute malicious scripts in their browsers, posing significant security risks.

Impact: Affected products include: Automated Logic WebCTRL Server (Versions 6.1, 7.0, 8.0, 8.5), Carrier i-Vu (Versions 6.1, 7.0, 8.0, 8.5), Automated Logic SiteScan Web (Versions 6.1, 7.0, 8.0, 8.5), and Automated Logic WebCTRL for OEMs (Versions 6.1, 7.0, 8.0, 8.5). Vendor: Automated Logic.

Remediation: Users are advised to upgrade to WebCTRL version 9.0, as vulnerabilities have been remediated in this version. WebCTRL 7.0, WebCTRL 6.1, and i-Vu 6.0 are out of support. Users should follow Automated Logic's Security Best Practices Checklists for Building Automation Systems (BAS) to align with best practices installation guidelines. CISA recommends minimizing network exposure for control system devices, using firewalls, and employing secure remote access methods like VPNs.

Phishing CVE Exploit Vulnerability Update Critical

3 months ago

Festo MSE6-C2M/D2M/E2M

All CISA Advisories

The Festo MSE6-C2M/D2M/E2M series has a critical vulnerability (CVE-2023-3634) that allows remote authenticated attackers to exploit undocumented test modes, leading to severe risks including loss of confidentiality, integrity, and availability. This vulnerability has a CVSS score of 8.8, indicating a high severity level and necessitating immediate attention and remediation.

Impact: Affected products include: MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L4-AGD, MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L5-AGD, MSE6-C2M-5000-FB43-D-M-RG-BAR-M12L4-MQ1-AGD, MSE6-C2M-5000-FB43-D-M-RG-BAR-M12L5-MQ1-AGD, MSE6-C2M-5000-FB44-D-M-RG-BAR-AMI-AGD, MSE6-C2M-5000-FB44-D-RG-BAR-AMI-AGD, MSE6-D2M-5000-CBUS-S-RG-BAR-VCB-AGD, MSE6-E2M-5000-FB13-AGD, MSE6-E2M-5000-FB36-AGD, MSE6-E2M-5000-FB37-AGD, MSE6-E2M-5000-FB43-AGD, MSE6-E2M-5000-FB44-AGD. Vendor: Festo SE & Co. KG.

Remediation: Festo has updated the user documentation in the next product version to address this issue. Recommended defensive measures include minimizing network exposure for control systems, using firewalls, and secure remote access methods like VPNs. Organizations should also perform impact analysis and risk assessments before deploying defensive measures.

Phishing CVE Exploit Vulnerability Update Critical

3 months ago

Emerson Appleton UPSMON-PRO

All CISA Advisories

The Emerson Appleton UPSMON-PRO vulnerability, identified as CVE-2024-3871, is a stack-based buffer overflow that could allow remote attackers to execute arbitrary code with SYSTEM privileges. This critical vulnerability, with a CVSS v4 score of 9.3, affects versions 2.6 and prior of the product, which is now End of Life and unsupported, necessitating immediate action from users.

Impact: Affected products include Emerson Appleton UPSMON-PRO versions 2.6 and prior. The vulnerability could affect critical infrastructure sectors such as Critical Manufacturing, Healthcare, and Public Health worldwide.

Remediation: Users are recommended to replace the Appleton UPSMON-PRO product or apply the following mitigations: block UDP port 2601 at the firewall level for all installations, isolate UPS monitoring networks from general corporate networks, implement network-level packet filtering to reject oversized UDP packets to port 2601, and monitor for UPSMONProSer.exe service crashes. Long-term strategies include replacing UPSMON-PRO with an actively supported UPS monitoring solution and implementing defense-in-depth strategies for critical power infrastructure monitoring.

CVE Vulnerability Update Critical

3 months ago

PreviousPage 7 of 8Next