Insights
-
CVE-2025-24813: Unauthenticated RCE in Apache Tomcat – PoC Released
Summary: A critical path equivalence vulnerability (CVE-2025-24813) has been identified in Apache Tomcat, allowing unauthenticated remote code execution (RCE) under specific server configurations. Disclosed on March 10, 2025, this flaw affects multiple versions of Apache Tomcat and has been actively exploited in the wild following the release of a public proof-of-concept (PoC) exploit. The Cybersecurity […]
-
FortiVoice Zero-Day Vulnerability (CVE-2025-32756) Exploited in the Wild
Summary: Fortinet has disclosed a critical stack-based buffer overflow vulnerability, identified as CVE-2025-32756, affecting multiple products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. This flaw allows remote, unauthenticated attackers to execute arbitrary code via specially crafted HTTP requests. The vulnerability has been actively exploited in the wild, with confirmed attacks targeting FortiVoice systems. Risks: Exploitation […]
-
CVE-2025-0133: Palo Alto Networks GlobalProtect XSS Vulnerability
Summary: Palo Alto Networks has disclosed a reflected cross-site scripting (XSS) vulnerability, identified as CVE-2025-0133, affecting the GlobalProtect gateway and portal features of its PAN-OS software. This flaw allows execution of malicious JavaScript in the browsers of authenticated Captive Portal users when they click on specially crafted links. While the default configuration poses a low […]
-
CVE-2025-31324: Zero-Day Vulnerability in SAP NetWeaver Exploited in the Wild
Summary: Tenable researchers have uncovered a critical zero-day vulnerability (CVE-2025-31324) affecting SAP NetWeaver AS Java systems. The flaw, currently exploited in the wild, stems from a missing authentication check in a servlet responsible for handling certain HTTP requests. If successfully exploited, attackers can achieve unauthenticated remote code execution (RCE), granting them full control over the […]
-
Critical Cisco ASA SSH Vulnerability (CVE-2024-20329) Allows Remote Root Access
Summary: Cisco has disclosed a critical vulnerability (CVE-2024-20329) in the SSH subsystem of its Adaptive Security Appliance (ASA) Software. This flaw allows an authenticated, remote attacker to execute operating system commands as root. The vulnerability arises from insufficient validation of user input, enabling attackers to submit crafted input when executing remote CLI commands over SSH. […]
-
Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433) Puts Systems at Risk
Summary: A critical vulnerability (CVE-2025-32433) has been identified in the Erlang/OTP SSH daemon, allowing unauthenticated attackers to execute arbitrary code remotely. This flaw arises from improper handling of SSH protocol messages, enabling attackers to send connection protocol messages before authentication. The issue affects all devices running the Erlang/OTP SSH daemon, commonly used in telecom infrastructure, […]
-
Fortinet Ends SSL VPN Support
Summary: Fortinet has announced the end of support for SSL VPN on several of its older devices, a move aimed at enhancing security and ensuring compatibility with modern cryptographic standards. This termination includes FortiOS versions running on models that do not support TLS 1.2 or higher. The company cites the need to mitigate cybersecurity risks […]
-
Fortinet FortiGate 0-Day Allegedly for Sale on Dark Web: What Enterprises Need to Know
A threat actor claims that a previously unknown vulnerability, commonly referred to as a zero-day, affecting Fortinet’s FortiGate firewalls is being sold on the dark web. This development poses a potentially serious risk to enterprises relying on Fortinet for perimeter defense. Overview of the Threat: A user operating under the alias “Racoon Hacker” has […]
-
Cisco Meraki and ECE Vulnerabilities Enable Remote DoS Attacks
Summary: Cisco has disclosed multiple high-severity vulnerabilities affecting its Meraki and Emergency Calling and Education (ECE) products. These flaws, identified under various CVEs, allow remote attackers to launch Denial-of-Service (DoS) attacks by exploiting improper input validation and memory handling. Successful exploitation could cause affected devices or services to reload unexpectedly, disrupting critical operations, especially in […]
-
Critical OpenVPN Vulnerability (CVE-2024-27459) Lets Remote Attackers Crash VPN Servers
Summary: A recently disclosed vulnerability in OpenVPN, identified as CVE-2024-27459, allows remote attackers to crash VPN servers by sending malformed IPv6 packets. The flaw stems from improper handling of IPv6 routes during peer connection processing, which results in a segmentation fault. This denial-of-service (DoS) condition could severely disrupt business operations dependent on OpenVPN for secure […]