Source |
Cyble |
Identifier |
8645197 |
Publication date |
2025-01-31 10:18:43 (viewed: 2025-01-31 11:08:18) |
Title |
Cyble's Weekly Vulnerability Update: Critical SonicWall Zero-Day and Exploited Flaws Discovered |
Text |
Overview
Cyble's weekly vulnerability insights for clients cover key vulnerabilities discovered between January 22 and January 28, 2025. The findings highlight a range of vulnerabilities across various platforms, including critical issues that are already being actively exploited.
Notably, the Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog this week. Among these, the zero-day vulnerability CVE-2025-23006 stands out as a critical threat affecting SonicWall's SMA1000 appliances.
In this week's analysis, Cyble examines multiple vulnerabilities across widely used software tools and plugins, with particular attention to SimpleHelp remote support software, Ivanti's Cloud Services Appliance, and issues within RealHome's WordPress theme. As always, Cyble has also tracked underground activity, providing insights into proofs of concept (PoCs) circulating among cybercriminals.
Weekly Vulnerability Insights
1. CVE-2025-23006 - SonicWall SMA1000 Appliances (Critical Zero-Day Vulnerability)
A severe deserialization vulnerability in SonicWall's SMA1000 series appliances has been identified as a zero-day, impacting systems that are not yet patched. With a CVSSv3 score of 9.8, this vulnerability is critical: it allows remote attackers to abuse the deserialization flaw and potentially execute arbitrary code.
CISA added this vulnerability to the KEV catalog on January 23, 2025, marking it as actively exploited in the wild. Organizations using SMA1000 appliances should prioritize patching as soon as an official update becomes available.
2. SimpleHelp Remote Support Software Vulnerabilities (Critical and High Severity)
Three vulnerabilities were discovered in SimpleHelp's remote support software, which IT professionals use for remote customer assistance. These flaws include:
CVE-2024-57726: A privilege escalation vulnerability that allows unauthorized users to gain administrative access due to insufficient backend authorization checks.
|
Notes |
★★★
|
Sent |
Yes |
Digest |
Tags |
Tool
Vulnerability
Threat
Patching
Cloud
|
Stories |
|
Move |
|