Snapshot
Feb. 15, 2025 - Feb. 21, 2025
CISA Known Exploited Vulnerabilities |
||||
|---|---|---|---|---|
| CVE | Summary | Severity | Vendor | Date Added |
| CVE-2025-24989 | Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. | CRITICAL | Microsoft | Feb. 21, 2025 |
| CVE-2025-23209 | Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately enabling remote code execution. | HIGH | Craft CMS | Feb. 20, 2025 |
| CVE-2025-0111 | Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. | MEDIUM | Palo Alto Networks | Feb. 20, 2025 |
| CVE-2024-53704 | SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication. | CRITICAL | SonicWall | Feb. 18, 2025 |
| CVE-2025-0108 | Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts. | CRITICAL | Palo Alto Networks | Feb. 18, 2025 |
Newswires |
||||
|
Google Researcher Discloses High-Risk Vulnerability in Palo Alto Networks' PAN-OS Firewall Software
A Google researcher has unveiled a proof-of-concept exploit for a high-risk vulnerability (CVE-2025-0110) in the firewall software PAN-OS, developed by Palo Alto Networks. |
Feb. 21, 2025 |
|||
|
Ubiquiti UniFi Protect Cameras Vulnerable to Remote Hijacking: Critical Security Advisory Issued
Ubiquiti, a prominent network equipment provider, has issued a critical security warning about numerous vulnerabilities detected in its UniFi Protect camera line. |
Feb. 21, 2025 |
|||
|
Windows Disk Cleanup Tool Vulnerability Allows SYSTEM Privileges Exploitation: CVE-2025-21420 Patched
Microsoft has patched a significant vulnerability in its Windows Disk Cleanup Tool (cleanmgr.exe) as part of the February 2025 Patch Tuesday. |
Feb. 20, 2025 |
|||
|
Critical Security Flaw in Juniper Session Smart Routers Allows Authentication Bypass
Juniper Networks has rolled out security patches to rectify a significant security flaw that affects its Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. |
Feb. 18, 2025 |
|||
|
RedMike Exploits Cisco Vulnerabilities in Global Espionage Campaign
Insikt Group, a cybersecurity research firm, has discovered an ongoing global cyber espionage campaign led by the Chinese state-sponsored group, RedMike. |
Feb. 18, 2025 |
|||
Vulnerabilities In The News |
||||
| CVE | Summary | Severity | Vendor | Risk Context |
| CVE-2018-0171 (5) | A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, ... | CRITICAL | Cisco |
CISA Known Exploited Remote Code Execution Public Exploits Available |
| CVE-2024-53704 (4) | An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. | CRITICAL | Sonicwall |
CISA Known Exploited Actively Exploited Remote Code Execution Used In Ransomware Public Exploits Available |
| CVE-2025-0108 (16) | An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to... | CRITICAL | Paloaltonetworks, Palo Alto Networks |
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
| CVE-2025-21355 (4) | Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network | HIGH | Risk Context N/A | |
| CVE-2025-23209 (4) | Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. | HIGH | Craftcms, Craft Cms |
CISA Known Exploited Actively Exploited Remote Code Execution |
| CVE-2024-9474 (10) | A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the m... | HIGH | Paloaltonetworks, Palo Alto Networks |
CISA Known Exploited Actively Exploited Public Exploits Available |
| CVE-2025-26465 (7) | A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. | MEDIUM |
Remote Code Execution Public Exploits Available |
|
| CVE-2025-0111 (10) | An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with net... | MEDIUM | Paloaltonetworks, Palo Alto Networks |
CISA Known Exploited |
CISA Known Exploited Vulnerabilities
CISA added five vulnerabilities to the known exploited vulnerabilities list.
Microsoft — Power Pages |
|
CVE-2025-24989 / Added: Feb. 21, 2025 |
|
CRITICAL CVSS 9.80 EPSS Score 1.18 EPSS Percentile 85.11 |
|
Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. |
|
Headlines
|
Craft CMS — Craft CMS |
|
CVE-2025-23209 / Added: Feb. 20, 2025 |
|
HIGH CVSS 8.10 EPSS Score 0.90 EPSS Percentile 82.82 |
|
Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately enabling remote code execution. |
|
Headlines
|
In The News
Vulnerabilities receiving the most attention in traditional news media.
CVE-2018-0171 |
|
CRITICAL CVSS 9.80 EPSS Score 74.49 EPSS Percentile 98.39 |
|
CISA Known Exploited Remote Code Execution Public Exploits Available |
|
Published: March 28, 2018 |
|
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186. |
|
Vendor Impacted: Cisco |
|
Products Impacted: Ios, Ios And Ios Xe |
|
Quotes
|
|
Headlines
|
| Back to top ↑ |
CVE-2024-53704 |
|
CRITICAL CVSS 9.80 EPSS Score 96.07 EPSS Percentile 99.65 |
|
CISA Known Exploited Actively Exploited Remote Code Execution Used In Ransomware Public Exploits Available |
|
Published: Jan. 9, 2025 |
|
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. |
|
Vendor Impacted: Sonicwall |
|
Products Impacted: Nssp 15700, Tz570p, Tz470, Tz80, Nsa 6700, Tz470w, Nssp 10700, Nssp 13700, Tz570w, Tz670, Sonicos, Nsa 5700, Nssp 11700, Nsv 470, Nsa 2700, Tz370w, Tz270w, Nsv 870, Nsa 3700, Nsa 4700, Tz370, Tz570, Tz270, Nsv 270 |
|
Quotes
|
|
Headlines
|
| Back to top ↑ |
CVE-2025-0108 |
|
CRITICAL CVSS 9.10 EPSS Score 95.54 EPSS Percentile 99.57 |
|
CISA Known Exploited Actively Exploited Remote Code Execution Public Exploits Available |
|
Published: Feb. 12, 2025 |
|
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software. |
|
Vendors Impacted: Paloaltonetworks, Palo Alto Networks |
|
Product Impacted: Pan-Os |
|
Quotes
|
|
Headlines
|
| Back to top ↑ |
CVE-2025-21355 |
|
HIGH CVSS 8.60 EPSS Score 0.09 EPSS Percentile 39.35 |
|
Risk Context N/A |
|
Published: Feb. 19, 2025 |
|
Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network |
|
Quotes
|
|
Headlines
|
| Back to top ↑ |
CVE-2025-23209 |
|
HIGH CVSS 8.10 EPSS Score 0.90 EPSS Percentile 82.82 |
|
CISA Known Exploited Actively Exploited Remote Code Execution |
|
Published: Jan. 18, 2025 |
|
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. This is an remote code execution (RCE) vulnerability that affects Craft 4 and 5 installs where your security key has already been compromised. Anyone running an unpatched version of Craft with a compromised security key is affected. This vulnerability has been patched in Craft 5.5.8 and 4.13.8. Users who cannot update to a patched version, should rotate their security keys and ensure their privacy to help migitgate the issue. |
|
Vendors Impacted: Craftcms, Craft Cms |
|
Product Impacted: Craft Cms |
|
Quotes
|
|
Headlines
|
| Back to top ↑ |
CVE-2024-9474 |
|
HIGH CVSS 7.20 EPSS Score 97.47 EPSS Percentile 99.98 |
|
CISA Known Exploited Actively Exploited Public Exploits Available |
|
Published: Nov. 18, 2024 |
|
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability. |
|
Vendors Impacted: Paloaltonetworks, Palo Alto Networks |
|
Product Impacted: Pan-Os |
|
Quotes
|
|
Headlines
|
| Back to top ↑ |
CVE-2025-26465 |
|
MEDIUM CVSS 6.80 EPSS Score 0.04 EPSS Percentile 11.72 |
|
Remote Code Execution Public Exploits Available |
|
Published: Feb. 18, 2025 |
|
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high. |
|
Quotes
|
|
Headlines
|
| Back to top ↑ |
CVE-2025-0111 |
|
MEDIUM CVSS 6.50 EPSS Score 2.94 EPSS Percentile 90.82 |
|
CISA Known Exploited |
|
Published: Feb. 12, 2025 |
|
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software. |
|
Vendors Impacted: Paloaltonetworks, Palo Alto Networks |
|
Product Impacted: Pan-Os |
|
Quotes
|
|
Headlines
|
| Back to top ↑ |
Accelerate Security Teams
Schedule a free consultation with a vulnerability expert to discuss your use cases and to see a demo.
