One Article Review

Source Cyble
Identifier 8648344
Publication date 2025-02-13 11:40:21 (seen: 2025-02-13 12:08:26)
Title CISA Updates Known Exploited Vulnerabilities Catalog with Four Critical Issues
Text In a recent update to its Known Exploited Vulnerabilities Catalog, the Cybersecurity and Infrastructure Security Agency (CISA) has added four security vulnerabilities that are currently under active exploitation. These vulnerabilities span multiple platforms and pose substantial security risks for both organizations and individual users. The vulnerabilities identified as CVE-2024-40891, CVE-2024-40890, CVE-2025-21418, and CVE-2025-21391 can be exploited with relative ease if security updates are not applied promptly.

Users and organizations should follow the guidance provided by vendors like Zyxel and Microsoft, ensuring that their systems are updated regularly to address the latest security flaws. For organizations relying on Zyxel DSL routers or Windows-based systems, it is crucial to assess the exposure to these vulnerabilities and take immediate steps to update firmware or software versions.

Details of the Vulnerabilities and Active Exploitation

CVE-2024-40891 and CVE-2024-40890: Critical Command Injection Vulnerabilities in Zyxel DSL Routers

The two vulnerabilities, CVE-2024-40891 and CVE-2024-40890, are related to a series of command injection vulnerabilities affecting Zyxel DSL CPE devices. Specifically, these vulnerabilities affect the Zyxel VMG4325-B10A router model running firmware version 1.00(AAFR.4)C0_20170615. Both vulnerabilities share a common thread: they allow authenticated attackers to execute arbitrary operating system (OS) commands on the affected devices via Telnet (CVE-2024-40891) or a crafted HTTP POST request (CVE-2024-40890). This puts devices at high risk of being compromised by threat actors who can exploit these weaknesses to gain control of the affected systems. According to the official Zyxel advisory, both vulnerabilities have been assigned a CVSS severity score of 8.8 (High).

These flaws stem from improper neutralization of special elements used in OS commands (CWE-78: Improper Neutralization of Special Elements used in an OS Command). Once successfully exploited, the vulnerabilities could allow attackers to bypass authentication and execute malicious OS commands, effectively compromising the security of the devices. Zyxel has issued advisories urging users to update their firmware to mitigate these vulnerabilities. Devices using older firmware versions are especially at risk. The active exploitation of these vulnerabilities could lead to severe consequences, such as unauthorized access,
Rating ★★★
Sent Yes
Tags Vulnerability Threat
Stories
Move


The article does not appear to have been picked up after its publication.


The article does not appear to be a follow-up to an earlier one.