A critical vulnerability, tracked as CVE-2025-23006, has been discovered in SonicWall’s SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC). This flaw, classified under CWE-502 (Deserialization of Untrusted Data), carries a severity score of 9.8 (Critical), indicating its potential for a devastating impact. SonicWall has confirmed active exploitation of this vulnerability by malicious actors, allowing them to execute arbitrary OS commands on affected appliances. The vulnerability stems from the improper handling of data during deserialization processes. This flaw can be exploited by attackers to inject malicious code into the targeted appliances, ultimately leading to complete system compromise. SonicWall has issued an urgent security advisory and released a patch for this vulnerability. The company strongly urges users to update their SMA1000 appliances immediately.
Multiple critical vulnerabilities in Ivanti CSA have been actively exploited by Chinese state-sponsored actors, prompting warnings from CISA and the FBI. These vulnerabilities allow attackers to gain unauthorized access and execute arbitrary code. The agencies have released detailed technical information and IOCs for network defenders. These exploits highlight the need for immediate patching and robust security measures, and demonstrate the speed at which attackers are weaponizing disclosed vulnerabilities.
A critical vulnerability in the Acclaim Systems USAHERDS web application, tracked as CVE-2021-44207, has been actively exploited. The vulnerability involves the use of hard-coded credentials, making it an easy target for malicious actors. CISA has added this flaw to its Known Exploited Vulnerabilities catalog. Organizations are urged to apply the necessary remediation to reduce their exposure to cyber attacks. This vulnerability poses significant risk to the federal enterprise.
CISA is urging government and political officials to use end-to-end encrypted messaging apps like Signal after observing a series of telecom breaches affecting multiple countries, including eight carriers in the US. The recommendation is meant to ensure secure communication and prevent potential data leaks of government and political conversations. These breaches highlight the need for stronger security measures in the telecom industry.
CISA and ONCD have released a playbook to help grant-making agencies incorporate cybersecurity into federally funded infrastructure projects. The playbook provides a framework, recommended actions and model language for grant programs. The goal is to enhance cyber resilience in critical infrastructure projects.
Multiple critical vulnerabilities have been disclosed impacting various Industrial Control Systems (ICS) products. These vulnerabilities, identified in AutomationDirect’s C-More EA9 Programming Software, Planet Technology’s industrial switch WGS-804HPT, and other products, could enable remote code execution (RCE) and other serious security compromises if exploited. The vulnerabilities highlight the ongoing challenge of securing critical infrastructure against sophisticated cyberattacks. Organizations are urged to apply the necessary mitigations and keep their ICS software updated to prevent attacks and minimize the risk to their operations.
The Cybersecurity and Infrastructure Security Agency (CISA) issued alerts about multiple vulnerabilities being actively exploited in the wild, affecting popular software and hardware products such as Zyxel firewalls, CyberPanel, North Grid, and ProjectSend. These vulnerabilities pose significant security risks, allowing attackers to gain unauthorized access and control of affected systems. Organizations are strongly urged to apply the necessary security updates or mitigations immediately to prevent exploitation. The vulnerabilities include CVE-2024-51378 (CyberPanel), which has a CVSS score of 10.0. Specific details on each vulnerability and remediation steps can be found in the respective security advisories issued by CISA and the affected vendors.
Multiple vulnerabilities have been added to the U.S. CISA’s Known Exploited Vulnerabilities catalog. These include issues in Zyxel firewalls, Cisco ASA, and others, highlighting the ongoing need for timely patching and vulnerability management. Active exploitation in the wild is a key concern.
A critical vulnerability (CVE-2024-51378, CVSS score 10.0) affecting CyberPanel, an open-source web hosting control panel, has been actively exploited by attackers. In addition, multiple vulnerabilities impacting Zyxel firewalls (CVE-2024-11667), ProjectSend (CVE-2024-11680), and North Grid Proself (CVE-2023-45727) have been added to CISA’s Known Exploited Vulnerabilities catalog due to active exploitation. These flaws enable various attacks, including authentication bypass, remote code execution, and data exfiltration, emphasizing the need for swift patching and proactive security measures across organizations using these products.