Critical Vulnerability Discovered in SonicWall SMA 1000 Series
Critical Vulnerability Discovered in SonicWall SMA 1000 Series Summary SonicWall has issued a critical security advisory for its SMA1000 appliances, revealing a high-severity pre-authentication remote command execution vulnerability (CVE-2025-23006) with a CVSS score of 9.8. This flaw, caused by the deserialization of untrusted data, affects Appliance Management Console (AMC) and Central Management Console (CMC) products […]
Zero-day Vulnerability Actively Exploited In Fortinet FortiGate Firewalls
Zero-day Vulnerability Actively Exploited In Fortinet FortiGate Firewalls Summary A campaign targeting Vulnerability (CVE-2024-55591, CVSS 9.6) in Fortinet FortiGate firewalls with management interfaces was exposed on the internet. Threat actors gained unauthorized access via the CLI console and made configuration changes, including adding super admin accounts and modifying SSL VPN settings. Although the exact vulnerability […]
Critical Ivanti Buffer Overflow Vulnerability Exploited in the Wild
Critical Ivanti Buffer Overflow Vulnerability Exploited in the Wild Summary CVE-2025-0282(CVSS 9.0) is a critical stack-based buffer overflow vulnerability affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. The flaw allows unauthenticated remote code execution, and exploitation has been active since December 2024. The vulnerability impacts Ivanti Connect Secure versions before 22.7R2.5, Policy […]