Description: When it comes to protecting your company from cyberattacks, you don't have to be the fastest gazelle — you just can't afford to be the slowest.
February 6th, 2025 (5 months ago)
|
Description: British-based engineering firm IMI plc has disclosed a security breach after unknown attackers hacked into the company's systems. [...]
February 6th, 2025 (5 months ago)
|
CVE-2024-48510 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: ABB
Equipment: Drive Composer
Vulnerability: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow attackers unauthorized access to the file system on the host machine. An attacker can exploit this flaw to run malicious code, which could lead to the compromise of the affected system.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
ABB reports that the following Drive Composer products are affected:
Drive Composer entry: Version 2.9.0.1 and prior
Drive Composer pro: Version 2.9.0.1 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22
A vulnerability in Drive Composer can allow attackers unauthorized access to the file system on the host machine. An attacker can exploit this flaw to run malicious code, which could lead to the compromise of the affected system.
CVE-2024-48510 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-48510. A base score of 9.3 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
...
February 6th, 2025 (5 months ago)
|
CVE-2025-0896 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.2
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Orthanc
Equipment: Orthanc Server
Vulnerability: Missing Authentication for Critical Function
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify records, or cause a denial-of-service condition.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Orthanc products are affected:
Orthanc server: Versions prior to 1.5.8
3.2 VULNERABILITY OVERVIEW
3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306
Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker.
CVE-2025-0896 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-0896. A base score of 9.2 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Healthcare and Public Health
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Belgium
3.4 RESEARCHER
Amitay Dan reported this vulnerability to Orthanc. Souvik Kandar reported this vulnerability to CISA.
4. MITIGATIONS
Orthanc recommends that users update to the latest version or enable the HTTP authent...
EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
CVE-2025-0994 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.6
ATTENTION: Exploitable remotely/low attack complexity/known public exploitation
Vendor: Trimble
Equipment: Cityworks
Vulnerability: Deserialization of Untrusted Data
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an authenticated user to perform remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Trimble Cityworks, an asset and work management system, are affected:
Cityworks: All versions prior to 23.10
3.2 VULNERABILITY OVERVIEW
3.2.1 DESERIALIZATION OF UNTRUSTED DATA CWE-502
Trimble Cityworks versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.
CVE-2025-0994 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-0994. A base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Water and Wastewater Systems
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: United States
3.4 RESEARCHER
Trimble reported this vulnerability to CISA.
4. MITIGATIONS
Cityworks has released the following update guidance...
EPSS Score: 1.32%
February 6th, 2025 (5 months ago)
|
CVE-2024-9005 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v3 7.1
ATTENTION: Exploitable remotely
Vendor: Schneider Electric
Equipment: EcoStruxure Power Monitoring Expert (PME)
Vulnerability: Deserialization of Untrusted Data
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to remotely execute code.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Schneider Electric reports that the following products are affected:
EcoStruxure Power Monitoring Expert (PME): Versions 2022 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 DESERIALIZATION OF UNTRUSTED DATA CWE-502
A deserialization of untrusted data vulnerability exists which could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server.
CVE-2024-9005 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been assigned; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critical Manufacturing, Energy
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: France
3.4 RESEARCHER
Schneider Electric CPCERT reported this vulnerability to CISA.
4. MITIGATIONS
Schneider Electric has identified the following specific workarounds and mitigations users can apply to reduce risk:
EcoStruxure Power Monitoring Expert 2021 and prior have reached end-of-life support. Users should consider upgrading to the latest version offering of PME to resolve this issue...
EPSS Score: 0.1%
February 6th, 2025 (5 months ago)
|
CVE-2025-1002 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 5.7
ATTENTION: Low attack complexity
Vendor: MicroDicom
Equipment: DICOM Viewer
Vulnerability: Improper Certificate Validation
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to alter network traffic and perform a machine-in-the-middle (MITM) attack.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following MicroDicom DICOM Viewer versions are affected:
MicroDicom DICOM Viewer: Version 2024.03
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER CERTIFICATE VALIDATION CWE-295
MicroDicom DICOM Viewer fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle (MITM) attack. This allows the attackers to modify the server's response and deliver a malicious update to the user.
CVE-2025-1002 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.7 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).
A CVSS v4 score has also been calculated for CVE-2025-1002. A base score of 5.7 has been calculated; the CVSS vector string is (AV:A/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Healthcare and Public Health
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Bulgaria
3.4 RESEARCHER
Sharon Brizinov of Claroty Team82 reported this vulnerability to CISA.
4. MITIGATIONS
M...
EPSS Score: 0.05%
February 6th, 2025 (5 months ago)
|
CVE-2025-1076 |
Description: Stored Cross-Site Scripting vulnerability in Holded
Thu, 02/06/2025 - 13:45
Notice
Affected Resources
Holded software.
Description
INCIBE has coordinated the publication of a medium severity vulnerability affecting Holded, a cloud invoicing software for small and medium-sized companies, which has been discovered by Jesús Alcalde Alcázar and Diego León Casas. This vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and vulnerability type CWE: CVE-2025-1076: CVSS v3.1: 4.8 | CVSS AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | CWE-79
Identifier
INCIBE-2025-0060
3 - Medium
Solution
The CSP (Content Security Policy) configuration implemented by Holded is designed to prevent the execution of inline scripts and restrict the loading of scripts only to domains specified in its whitelist. This effectively mitigates most attack vectors related to script injection, such as this vulnerability.
Detail
CVE-2025-1076: a Stored Cross-Site Scripting (Stored XSS) vulnerability has been found in the Holded application. This vulnerability could allow an attacker to store a JavaScript payload within the editable ‘name’ and ‘icon’ parameters of the Activities functionality.
References list
Product web - Ho...
EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
Description: A new malware campaign dubbed SparkCat has leveraged a suite of bogus apps on both Apple's and Google's respective app stores to steal victims' mnemonic phrases associated with cryptocurrency wallets.
The attacks leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases from photo libraries to a command-and-control (C2) server,
February 6th, 2025 (5 months ago)
|
Description: A technical overview of Cisco Talos' investigations into Google Cloud Platform Cloud Build, and the threat surface posed by the storage permission family.
February 6th, 2025 (5 months ago)
|