CyberSecurity news
Pierluigi Paganini@Security Affairs
CISA has added multiple vulnerabilities in Advantive VeraCore to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The five flaws impact both Advantive VeraCore and Ivanti Endpoint Manager (EPM), and agencies are being urged to apply patches by March 31, 2025.
The VeraCore vulnerabilities, CVE-2024-57968 and CVE-2025-25181, are being exploited by the XE Group, a Vietnamese threat actor, to deploy reverse shells and web shells for persistent remote access. CVE-2024-57968 is an unrestricted file upload vulnerability, while CVE-2025-25181 is an SQL injection vulnerability. There are currently no public reports about how the three Ivanti EPM flaws are being weaponized in real-world attacks.
References:
- securityaffairs.com: U.S. CISA adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog
- The Hacker News: CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List
- Talkback Resources: CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List [exp] [ics]
Classification:
- HashTags: #VeraCore #cyberattack #CISA
- Company: Advantive
- Target: VeraCore
- Attacker: XE Group
- Product: VeraCore
- Feature: SQL Injection
- Malware: Reverse Shell
- Type: Vulnerability
- Severity: Major