Security Advisories
-
2025-016: Critical Vulnerability in Ivanti Products
Thursday, April 03, 2025 04:57:40 PM CEST
On April 4, 2025, Ivanti released a security advisory regarding a critical vulnerability affecting their products. The vulnerability is known to be exploited in the wild. The vulnerability has been fixed in the February 2025 release and was initially identified as a product bug.
CERT-EU recommends upgrading to a supported and fixed version of Ivanti products as soon as possible. CERT-EU also recommends reviewing forensic evidence to detect any signs of exploitation.
-
2025-015: Critical vulnerability in CrushFTP
Thursday, April 03, 2025 04:55:47 PM CEST
In April 2025, information about an easy-to-exploit critical vulnerability affecting CrushFTP was made public. It is recommended to update affected servers as soon as possible.
Proofs of concept are available, and the vulnerability is being exploited in the wild.
-
2025-014: Critical Vulnerability in Apache Tomcat
Thursday, April 03, 2025 04:55:02 PM CEST
On March 10, 2025, Apache released a security advisory regarding a critical vulnerability affecting the Apache Tomcat product.
It is recommended to update the affected assets to a fixed version of Apache Tomcat.
-
2025-013: Remote Code Execution Vulnerability in Splunk
Thursday, March 27, 2025 08:20:37 PM CET
On March 26, 2025, Splunk released a security advisory addressing a vulnerability in Splunk Enterprise and Splunk Cloud Platform that allows low-privileged users to perform Remote Code Execution (RCE).
It is recommended to update as soon as possible.
-
2025-012: Critical Vulnerabilities in Kubernetes Ingress-NGINX
Tuesday, March 25, 2025 07:54:08 PM CET
On March 24, 2025, Wiz Research disclosed a set of critical Remote Code Execution vulnerabilities in the Ingress-NGINX Controller for Kubernetes. The vulnerabilities CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974 can be exploited to gain full cluster access, resulting in a complete compromise of the environment.
The vulnerabilities affect a widely used component in Kubernetes environments responsible for routing external traffic to internal services. Clusters with publicly exposed admission webhooks are at immediate risk.
-
2025-011: Critical Vulnerabilities in GitLab
Friday, March 14, 2025 05:03:26 PM CET
On March 13, 2025, GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), addressing nine vulnerabilities, including two critical severity flaws in the "ruby-saml" library used for SAML Single Sign-On (SSO) authentication.
It is recommended to update affected assets as soon as possible.
-
2025-010: Critical Vulnerability in Cisco IOS XR Software
Friday, March 14, 2025 05:02:50 PM CET
On March 13, 2025, Cisco released an advisory regarding a critical vulnerability identified in Cisco’s IOS XR Software.
It is recommended to update affected assets as soon as possible.
-
2025-009: Critical Vulnerabilities in Windows Remote Desktop Services
Friday, March 14, 2025 05:01:59 PM CET
On March 13, Microsoft released its March security update, addressing 57 vulnerabilities across its product range, including six critical flaws. Among the critical vulnerabilities are CVE-2025-24035 and CVE-2025-24045, both Remote Code Execution (RCE) vulnerabilities in Windows Remote Desktop Services (RDS). Each vulnerability has been assigned a CVSSv3 score of 8.1 and is rated as critical.
It is recommended to update affected assets as soon as possible.
-
2025-008: High Vulnerabilities in Fortinet Products
Friday, March 14, 2025 05:00:37 PM CET
On March 11, 2025, Fortinet released several security advisories addressing 18 vulnerabilities ranging from low to high severity.
It is recommended to update as soon as possible.
-
2025-007: Critical Vulnerability in Kibana
Thursday, March 06, 2025 05:30:06 PM CET
On 5 March 2025, Elastic released a security update addressing a critical vulnerability in Kibana, identified as CVE-2025-25012 with a CVSS score of 9.9.
This flaw could allow an attacker to execute arbitrary code on the server. It is strongly recommended to update vulnerable Kibana instances.
-
2025-006: Critical Vulnerabilities in Mattermost
Wednesday, March 05, 2025 11:40:22 AM CET
On 23 January 2025, Mattermost issued advisories for several vulnerabilities, including three critical severity flaws affecting the Board plugin. If exploited, these vulnerabilities could allow an authenticated attacker to read any file on the server, or read data directly from the database.
It is recommended to check for potential abuse, and to update vulnerable Mattermost instances.
-
2025-005: Several Vulnerabilities in VMware Products
Wednesday, March 05, 2025 11:39:29 AM CET
On March 4, 2025, Broadcom issued an advisory regarding multiple vulnerabilities in VMware products. An attacker with access to a virtual machine could escape it to execute code on the host. These vulnerabilities are being exploited in the wild.
It is recommended to apply the update as soon as possible.
-
2025-004: Critical Vulnerability in SonicWall Products
Tuesday, January 28, 2025 09:36:30 AM CET
On January 22, 2025, SonicWall issued an advisory regarding a critical vulnerability in the Appliance Management Console (AMC) and Central Management Console (CMC) of the SonicWall SMA 1000. An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary code on the affected appliance. This vulnerability is being exploited in the wild.
It is recommended to apply the update as soon as possible.
-
2025-003: Critical Vulnerabilities in Fortinet Products
Wednesday, January 15, 2025 02:26:10 PM CET
On January 14, Fortinet released and updated several security advisories addressing multiple vulnerabilities ranging from low to critical severity. At least one critical vulnerability is known to be exploited in the wild.
It is recommended to update as soon as possible and, if that is not possible, to at least apply mitigations.
-
2025-002: Multiple Vulnerabilities in Microsoft Products
Wednesday, January 15, 2025 02:07:02 PM CET
On January 14, Microsoft released its January 2025 Patch Tuesday updates, addressing a total of 159 security vulnerabilities across various products. The patches include fixes for critical and important-severity issues that could allow attackers to gain unauthorised access, execute arbitrary code, or elevate privileges. Three vulnerabilities were already being exploited in attacks.
-
2025-001: Critical Vulnerabilities in Ivanti Products
Friday, January 10, 2025 04:09:36 PM CET
On January 8, 2025, Ivanti announced two critical vulnerabilities affecting their products Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways. These vulnerabilities could lead to remote code execution and privilege escalation.
[New] Ivanti's security advisory indicates that CVE-2025-0282 was being exploited on a limited number of Ivanti Connect Secure appliances at the time of disclosure.
It is strongly recommended to update affected devices as soon as possible.