Intrucept Security Advisories

ADVISORY	IMPACT	CVE	LAST UPDATED	VERSION
Critical RCE Vulnerability Patched in Ivanti Endpoint Manager	Critical	CVE-2024-29847	18/09/2024	1.0
Widespread of the Necro Trojan Targeting Android Users	Critical	--	26/09/2024	1.0
Zimbra Remote Code Execution Vulnerability (CVE-2024-45519)	Critical	CVE-2024-45519	03/10/2024	1.0
Security Advisory Microsoft’s October Security Patches Mitigate Remote Code Execution & Spoofing Risk	Critical	--	10/10/2024	1.0
Critical Fortinet Vulnerability Exploiting in Wild	Critical	CVE-2024-23113	16/10/2024	1.0
Veeam Vulnerability (CVE-2024-40711) Exploited by Ransomware	Critical	CVE-2024-40711	17/10/2024	1.0
Threat Campaign Targeting WordPress Sites with Malicious Plugins	Critical	--	22/10/2024	1.0
Critical Remote Code Execution Vulnerability in VMware vCenter Server (CVE-2024-38812)	Critical	CVE-2024-38812, CVE-2024-38813	23/10/2024	1.0
Palo Alto Account Takeover Vulnerability Actively Exploited	Critical	CVE-2024-5910	08/11/2024	1.0
November 2024 Microsoft Patches: Addressing Zero-Day Exploits and High-Priority Vulnerabilities	High	--	13/11/2024	1.0
Re-release of November 2024 Exchange Server Security Updates	High	CVE-2024-49040	27/11/2024	1.0
Security Update for NVIDIA Base Command & Bright Cluster Managers	Medium	CVE-2024-0139	29/11/2024	1.0
RCE and File Deletion Vulnerabilities in Veeam Service Provider Console	Critical	CVE-2024-42448, CVE-2024-42449	05/12/2024	1.0
Advisory on MUT-8694: Threat Actors Exploiting Developer Trust in Open-Source Libraries	High	--	10/12/2024	1.0
Microsoft December 2024 Patch Tuesday: Critical Fixes for Zero-Day and Remote Code Execution	High	--	12/12/2024	1.0
Security Advisory Zero-Day Vulnerability in Windows Exposes NTLM Credentials	Critical	Not yet assigned	13/12/2024	1.0
Critical Flaw in WordPress Hunk Companion Plugin Enables Unauthorized Plugin Installation	Critical	CVE-2024-11972	17/12/2024	1.0
Security Advisory Cleo Releases Patch for Critical Vulnerabilities Exploited in the Wild	Critical	CVE-2024-55956, CVE-2024-50623	18/12/2024	1.0
Critical Apache Tomcat Vulnerabilities Allow RCE & DoS	Critical	CVE-2024-50379, CVE-2024-54677	21/12/2024	1.0
Denial of Service Vulnerability in DNS Security Feature of Palo Alto Networks PAN-OS	High	CVE-2024-3393	03/01/2025	1.0
Exploit Proof-of-Concept Released for LDAP CVE-2024-49113	Critical	CVE-2024-49113	06/01/2025	1.1
Critical Windows Privilege Escalation Vulnerability with Public Exploit	High	CVE-2024-43641	07/01/2025	1.0
Race Condition Vulnerability in OpenSSH (CVE-2024-6387): PoC Exploit Released	High	CVE-2024-6387	09/01/2025	1.0
Ivanti Connect Secure VPN Actively Being Exploited in the Wild	High	CVE-2025-0282, CVE-2025-0283	10/01/2025	1.0
GitLab Releases Patch to Fix Critical and High-Severity Vulnerabilities	High	--	13/01/2025	1.0
Important Security Alert: SonicWall Issues Patch for SSL-VPN Vulnerabilities	High	CVE-2024-53704	15/01/2025	1.0
Banshee Stealer: A Growing Threat to macOS Users	High	--	15/01/2025	1.0
Critical Security Updates: Microsoft Jan 2025 Patch Tuesday Fixes 8 Zero-Days & 159 Vulnerabilities	Critical	--	16/01/2025	1.0
Privilege Escalation Vulnerability in ComboBlocks Plugin Affects Thousands of Sites	Critical	CVE-2024-9636	17/01/2025	1.0
Critical Zero-Day Vulnerability in Windows (CVE-2024-49138): PoC Released, Exploited in the Wild	High	CVE-2024-49138	20/01/2025	1.0
Critical Authentication Bypass Vulnerability in Fortinet Products Under Active Exploitation	Critical	CVE-2024-55591	23/01/2025	1.0
Privilege Escalation Vulnerability Exposes Cisco Meeting Management to Attacks	Critical	CVE-2025-20156	24/01/2025	1.0
High-Severity SMB Server Flaws (CVE-2024-56626 & CVE-2024-56627) in Linux Kernel	High	CVE-2024-56626, CVE-2024-56627	29/01/2025	1.0
Apple Patched Actively Exploited Zero-Day Vulnerability	High	CVE-2025-24085	29/01/2025	1.0
macOS Security at Risk: PoC Exploit for CVE-2025-24118 Kernel Flaw	Critical	CVE-2025-24118	03/02/2025	1.0
Zero-Day Vulnerability in Microsoft Sysinternals Tools	High	--	05/02/2025	1.0
Active Exploitation of Microsoft Outlook RCE Vulnerability (CVE-2024-21413)	Critical	CVE-2024-21413	07/02/2025	1.0
7Zip Mark-Of-The-Web Vulnerability	High	CVE-2025-0411	10/02/2025	1.0
Apple’s USB Restricted Mode Exploited in Targeted Attacks	High	--	12/02/2025	1.0
Microsoft Updates Patch Tuesday for Feb 2025; Address 67 Vulnerabilities, Includes 2 Exploited Zero-Days	High	--	12/02/2025	1.0
Authentication Bypass Vulnerability in FortiOS & FortiProxy	Critical	CVE-2025-24472	13/02/2025	1.0
Palo Alto Firewall Vulnerabilities Under Active Exploitation	High	CVE-2025-0108	20/02/2025	1.0
Exploitable Command Injection in F5 BIG-IP (CVE-2025-20029)	High	CVE-2025-20029	24/02/2025	1.0
Critical WordPress Security Flaw in Everest Forms Plugin	Critical	CVE-2025-1128	27/02/2025	1.0
High-Severity DoS Vulnerability in Cisco NX-OS Software	High	CVE-2025-20111	28/02/2025	1.0
Wazuh Server Vulnerability (CVE-2025-24016) Exposes Systems to RCE Attacks	Critical	CVE-2025-24016	04/03/2025	1.0
Decade-Old Threat: CVE-2018-8639 Still Poses Risks to Unpatched Windows	High	CVE-2018-8639	05/03/2025	1.0
Critical Vulnerabilities in IBM Storage: Authentication Bypass and Code Execution Risks	Critical	CVE-2025-0159, CVE-2025-0160	06/03/2025	1.0
Critical VMware Vulnerabilities Exploited in the Wild – Patch Immediately	Critical	CVE-2025-22224, CVE-2025-22225, CVE-2025-22226	07/03/2025	1.0
Critical Security Flaw in Kibana Requires Immediate Attention	Critical	CVE-2025-25012	07/03/2025	1.0
PoC Released for High-Severity Linux Kernel UVC Driver Vulnerability	High	CVE-2024-53104	11/03/2025	1.0
High-Severity RCE Vulnerability in WinDbg (CVE-2025-24043)	High	CVE-2025-24043	12/03/2025	1.0
Zero-Day Threats Addressed in Microsoft’s March 2025 Patch Tuesday	Critical	--	13/03/2025	1.0
Multiple High-Severity Vulnerabilities Patched in Zoom	High	CVE-2025-27440, CVE-2025-27439, CVE-2025-0151, CVE-2025-0150, CVE-2025-0149	14/03/2025	1.0
Apache NiFi Security Flaw Exposes MongoDB Credentials	Medium	CVE-2025-27017	17/03/2025	1.0
New Exploit Allows Remote Code Execution in Apache Tomcat	Critical	CVE-2025-24813	20/03/2025	1.0
WordPress Age Gate Plugin Critical Vulnerability (CVE-2025-2505) Affects Over 40,000 Websites	Critical	CVE-2025-2505	24/03/2025	1.0
Update Google Chrome to Fix Critical Remote Code Execution Vulnerability in Lens	High	CVE-2025-2476	25/03/2025	1.0
Critical NGINX Ingress Vulnerabilities Expose Kubernetes Clusters to Compromise	Critical	N/A	25/03/2025	1.0
Windows Zero-Day Exploit NTLM Hash Disclosure via Malicious Files	Critical	Zero-Day	28/03/2025	1.0
Critical Chrome Vulnerability (CVE-2025-2783) Exploited in Cyber-Espionage Campaign	High	CVE-2025-2783	28/03/2025	1.0
3 Zero-Day Vulnerabilities backported & fixed in Apple Devices	High	CVE-2025-24201, CVE-2025-24085, and CVE-2025-24200.	02/04/2025	1.0
WordPress Ultimate CSV Importer Flaws Put 20,000+ Sites at Risk	High	CVE-2025-2008, CVE- 2025-2007	03/04/2025	1.0
Spoofing Vulnerability in WhatsApp Desktop for Windows	Medium	CVE-2025-30401	09/04/2025	1.0
April Zero-Day Threats Addressed in Microsoft’s Patch Tuesday	High	N/A	09/04/2025	1.0
Critical Flaw in FortiSwitch of Fortinet Allows Attackers to Change Admin Password	Critical	CVE-2024-48887	10/04/2025	1.0
Dell Releases Patches for Multiple PowerScale OneFS Security Vulnerabilities	Critical	CVE-2025-27690, CVE-2025- 26330, CVE-2025-22471	13/04/2025	1.0
Critical Session Management Vulnerability in Apache Roller	Critical	CVE-2025-24859	15/04/2025	1.0
Windows 11 DLL Flaws Open Doors to Privilege Escalation!	High	CVE-2025-24994, CVE-2025-24076	21/04/2025	1.0
Windows Update Stack Privilege Escalation Vulnerability (CVE-2025-21204) – PoC Released	High	CVE-2025-21204	23/04/2025	1.0
Critical SAP NetWeaver Zero-day Vulnerability Exploited in the Wild	Critical	CVE-2025-31324	29/04/2025	1.0
High-Severity Linux Kernel Flaw Exposes Systems to Root-Level Attacks	High	CVE-2025-21756	30/04/2025	1.0
Tesla Model 3 VCSEC Vulnerability Allows Remote Code Execution via TPMS Exploit	High	CVE-2025-2082	02/05/2025	1.0

Defend Your Business Against The Latest Cyber Threats

Our experts are here to help you

INDIA OFFICE

Phone

+91 98454 47250

[email protected]

Address

Bengaluru, India

AUSTRALIA OFFICE

Phone

+61 414 780 058

[email protected]

Address

Intrucept Security Advisories

Defend Your Business Against The Latest Cyber Threats

+91 98454 47250

[email protected]

Bengaluru, India

+61 414 780 058

[email protected]

Epping, NSW, 2121