🐞 CVE les plus discutées dans la semaine 20

Ivanti with one this morning too.https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-on-premises-only-CVE-2025-22462?language=en_USsev:CRIT 9.8 - AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:O/MPR:HAn authentication bypass in Ivanti Neurons for ITSM (on-prem o…

Urgent: Ivanti EPMM has two critical zero-days (CVE-2025-4427 & 4428) being chained for remote code execution. Patch now—attackers are actively exploiting. Over 1,400 exposed instances found in US/Germany. Details: https://redteamnews.com/red-team/cve/ivanti-epmm-zero-days-exploi…

⚠️Alerte CERT-FR⚠️Les vulnérabilités CVE-2025-4427 et CVE-2025-4428 permettent à un attaquant non authentifié d'exécuter du code arbitraire à distance dans lvanti EPMM. Elles sont activement exploitées.https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-007/

🚨 Another Ivanti exploit ALERT!Attackers are chaining two new flaws (CVE-2025-4427, 4428) for remote code execution on vulnerable EPMM versions.— Risk: Auth bypass ➕ RCE— Exploited: Yes (limited cases)⚠️ Act fast—patch now / read more: https://thehackernews.com/2025/05/ivanti-pat…

I did my first 1daying ride with my friend Sonny. Enjoy🫡Ivanti EPMM: CVE-2025-4427 and CVE-2025-4428 pre-auth RCE chain.https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/?123

Actively exploited vulnerabilities in Ivanti Endpoint Manager MobileVulnerability: Authentication bypass in EPMM's API component and a remote code execution flaw via crafted API requestsImpact: The two vulnerabilities can be chained together to fully compromise the systemCVE Numb…

Good on Watchtowr and Project Discovery folks re: CVE-2025-4427Not seeing anything in GN GOG as of now (or a month ago).Shld have a tag up tomorrow.https://projectdiscovery.io/blog/ivanti-remote-code-executionhttps://github.com/watchtowrlabs/watchTowr-vs-Ivanti-EPMM-CVE-2025-4427…

and we got our first hits on the path associated with the CVE-2025-4427 PoCs from https://ipinfo.io/23.95.168.195

Haven't looked for other PoCs, but this payload for CVE-2025-4427 is not what's in Project Discovery's or Watchtowr's examples.Please just throw your Ivanti kit in the bin, mebbe?

'And it's Friday!' 😅Si vous administrez une instance Ivanti Endpoint Manager Mobile (EPMM) c'est le moment de le mettre à jour Deux failles enchaînables permettent une exécution de code à distance, sans authentification :CVE-2025-4427 : contournement d’authentificationCVE-202…

In a security advisory published May 13, Ivanti detailed CVE-2025-4427, a medium-severity authentication bypass flaw in Endpoint Manager Mobile (EPMM), and CVE-2025-4428, a high-severity RCE vulnerability in EPMM. https://www.darkreading.com/endpoint-security/ivanti-epmm-zero-day…

Ivanti EPMM Under Siege: Critical Zero-Day Vulnerabilities Exposed and ExploitedEnterprise Security at Risk: A Deep Dive into CVE-2025-4427 and CVE-2025-4428 In an alarming turn of events, Ivanti's Endpoint Manager Mobile (EPMM) has been hit by two critical zero-day vulnerabiliti…

Two critical Ivanti zero-days (CVE-2025-4427 + CVE-2025-4428) are now being actively exploited after a surge in scanning activity last month. Immediate patching is required. Get more details here ⬇️ https://www.greynoise.io/blog/ivanti-epmm-zero-days-reconnaissance-exploitation #…

🚨 Ivanti EPMM is under active attack via two 0day flaws (CVE-2025-4427 & 4428) enabling pre-auth RCE. Exploits confirmed. Patch immediately.Read: https://hackread.com/ivanti-epmm-actively-exploited-0day-vulnerabilities/#CyberSecurity #Ivanti #0day #Vylnerability #InfoSec

[RSS] Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/

#Ivanti: Ivanti Endpoint Mobile Manager (#EPMM) #Vulnerabilities CVE-2025-4427 and CVE-2025-4428 Allow Remote Code Execution and being actively exploited in the wild - patch your systems now!👇https://cybersecuritynews.com/ivanti-endpoint-mobile-manager-vulnerabilities/

Ivanti with one this morning too.https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-on-premises-only-CVE-2025-22462?language=en_USsev:CRIT 9.8 - AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:O/MPR:HAn authentication bypass in Ivanti Neurons for ITSM (on-prem o…

⚠️Alerte CERT-FR⚠️Les vulnérabilités CVE-2025-4427 et CVE-2025-4428 permettent à un attaquant non authentifié d'exécuter du code arbitraire à distance dans lvanti EPMM. Elles sont activement exploitées.https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-007/

I did my first 1daying ride with my friend Sonny. Enjoy🫡Ivanti EPMM: CVE-2025-4427 and CVE-2025-4428 pre-auth RCE chain.https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/?123

Actively exploited vulnerabilities in Ivanti Endpoint Manager MobileVulnerability: Authentication bypass in EPMM's API component and a remote code execution flaw via crafted API requestsImpact: The two vulnerabilities can be chained together to fully compromise the systemCVE Numb…

Good on Watchtowr and Project Discovery folks re: CVE-2025-4427Not seeing anything in GN GOG as of now (or a month ago).Shld have a tag up tomorrow.https://projectdiscovery.io/blog/ivanti-remote-code-executionhttps://github.com/watchtowrlabs/watchTowr-vs-Ivanti-EPMM-CVE-2025-4427…

'And it's Friday!' 😅Si vous administrez une instance Ivanti Endpoint Manager Mobile (EPMM) c'est le moment de le mettre à jour Deux failles enchaînables permettent une exécution de code à distance, sans authentification :CVE-2025-4427 : contournement d’authentificationCVE-202…

In a security advisory published May 13, Ivanti detailed CVE-2025-4427, a medium-severity authentication bypass flaw in Endpoint Manager Mobile (EPMM), and CVE-2025-4428, a high-severity RCE vulnerability in EPMM. https://www.darkreading.com/endpoint-security/ivanti-epmm-zero-day…

Ivanti EPMM Under Siege: Critical Zero-Day Vulnerabilities Exposed and ExploitedEnterprise Security at Risk: A Deep Dive into CVE-2025-4427 and CVE-2025-4428 In an alarming turn of events, Ivanti's Endpoint Manager Mobile (EPMM) has been hit by two critical zero-day vulnerabiliti…

We have a tag up for the Ivanti 0-day CVE — https://viz.greynoise.io/tags/ivanti-epmm-cve-2025-4428-rce-attempt?days=30 (I'm double checking we have the right CVE in the tag name, but wanted to get it up and start the backfill for folks vs be perfect).Backfill to tag the IP we s…

Two critical Ivanti zero-days (CVE-2025-4427 + CVE-2025-4428) are now being actively exploited after a surge in scanning activity last month. Immediate patching is required. Get more details here ⬇️ https://www.greynoise.io/blog/ivanti-epmm-zero-days-reconnaissance-exploitation #…

[RSS] Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/

#Ivanti: Ivanti Endpoint Mobile Manager (#EPMM) #Vulnerabilities CVE-2025-4427 and CVE-2025-4428 Allow Remote Code Execution and being actively exploited in the wild - patch your systems now!👇https://cybersecuritynews.com/ivanti-endpoint-mobile-manager-vulnerabilities/

And we have a leader for today's 'What the fuck?' vuln:https://security.paloaltonetworks.com/CVE-2025-0136Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to …

This PAN-OS vuln shows how broken the CVSS scoring system is:https://security.paloaltonetworks.com/CVE-2025-0136a 1.3? I mean, yes, by the CVSS scoring it makes sense, but literally NOT DOING YOUR JOB by encrypting data you send is bad. Like you could be spilling unencrypted CC…

'NOTE: The AES-128-CCM encryption algorithm is not recommended for use.'No shit.https://security.paloaltonetworks.com/CVE-2025-0136

@mttaggart TBF, the Americans and Israelis aren't doing much better: https://security.paloaltonetworks.com/CVE-2025-0136

I always recommend everyone to turn off any kind of motherboard manufacturers' driver auto-installers. They have a history of containing significant vulnerabilities leading to arbitrary code execution.The vulnerabilities discovered by MrBruh in ASUS Driver Hub again confirm this …

Critical Flaws in Asus DriverHub Allow Remote Code Execution: A Deep Dive into CVE-2025-3462 and CVE-2025-3463Security researchers have once again exposed serious gaps in consumer hardware software, with two newly discovered vulnerabilities in Asus’s pre-installed DriverHub softw…

ASUS' DriverHub flaw could let hackers remotely take control using just a crafted file. With admin privileges at stake, it's a wake-up call to update your system ASAP. Stay safe out there!https://thedefendopsdiaries.com/asus-driverhub-vulnerability-understanding-and-mitigating-cv…

Asus sotto accusa! Dei bug critici in DriverHub consentono RCE con un solo clic!Asus ha rilasciato delle patch che risolvono due vulnerabilità in Asus DriverHub. Se sfruttati con successo, questi problemi potrebbero consentire l’esecuzione remota di codice arbitrario. DriverHub è…

I always recommend everyone to turn off any kind of motherboard manufacturers' driver auto-installers. They have a history of containing significant vulnerabilities leading to arbitrary code execution.The vulnerabilities discovered by MrBruh in ASUS Driver Hub again confirm this …

Critical Flaws in Asus DriverHub Allow Remote Code Execution: A Deep Dive into CVE-2025-3462 and CVE-2025-3463Security researchers have once again exposed serious gaps in consumer hardware software, with two newly discovered vulnerabilities in Asus’s pre-installed DriverHub softw…

Asus sotto accusa! Dei bug critici in DriverHub consentono RCE con un solo clic!Asus ha rilasciato delle patch che risolvono due vulnerabilità in Asus DriverHub. Se sfruttati con successo, questi problemi potrebbero consentire l’esecuzione remota di codice arbitrario. DriverHub è…

Added new Rust clippy confusing_method_to_numeric_cast lint which checks cases like u16::max as usize: max is a function, not a constant!It fixes CVEs like https://www.mozilla.org/en-US/security/advisories/mfsa2025-09/#CVE-2025-1014.PR: https://github.com/rust-lang/rust-clippy/pu…