Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that could allow a privileged attacker to execute unauthorized commands. Tracked as CVE-2024-45325, the flaw is an OS command injection vulnerability residing within the product’s command-line interface (CLI). The vulnerability, identified as CWE-78, stems from an improper neutralization of special elements used in an […] The post FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauth...| Cyber Security News
Ivanti has released security updates to address two high-severity vulnerabilities in its Endpoint Manager (EPM) software that could allow remote code execution. The vulnerabilities, tracked as CVE-2025-9712 and CVE-2025-9872, affect multiple versions of the product. The company has stated that it is not aware of any active exploitation of these flaws in the wild at […] The post Critical Ivanti Endpoint Manager Vulnerabilities Let Attackers Execute Remote Code appeared first on Cyber Securit...| Cyber Security News
A significant global effort to patch a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices has seen the number of exposed systems drop from approximately 28,200 to 12,400 in just one week.| Cyber Security News
CISA has issued urgent warnings regarding two critical security vulnerabilities in N-able N-Central remote monitoring and management (RMM) software that are actively being exploited by threat actors.| Cyber Security News
.webp)
Zoom has disclosed a critical vulnerability affecting multiple Windows-based clients, potentially allowing attackers to escalate privileges and compromise user systems.| Cyber Security News
Ivanti has released critical security updates addressing multiple high and medium-severity vulnerabilities across its Connect Secure, Policy Secure, and Zero Trust Access (ZTA) gateway products.| Cyber Security News
A severe flaw in a major automaker’s dealer portal that allowed unauthorized attackers to register for dealer accounts, escalate privileges to a national administrator, and ultimately control vehicles remotely.| Cyber Security News
A critical security vulnerability in ChatGPT has been discovered that allows attackers to embed malicious SVG (Scalable Vector Graphics) and image files directly into shared conversations, potentially exposing users to sophisticated phishing attacks and harmful content.| Cyber Security News
Apple has released critical security updates for macOS Sequoia, addressing multiple vulnerabilities that could allow malicious applications to access sensitive user data.| Cyber Security News
A new attack vector exploiting vulnerabilities in Kerberos delegation within Active Directory (AD) networks has been uncovered.| Cyber Security News