Description: The company's activities include project planning, construction management, expertise and consulting in civil engineering and its specialized fields.
We are ready to upload more than 92 GB of essential corporate documents such as: contact numbers and e-mail addresses of employees and customers, financial data (audits, payment details, reports), corporate NDAs, etc.
April 15th, 2025 (7 days ago)
|
Description: Russia-backed APT29's latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages, errr, victims, and delivers a novel backdoor, GrapeLoader.
April 15th, 2025 (7 days ago)
|
Description: CISA released nine Industrial Control Systems (ICS) advisories on April 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
ICSA-25-105-01 Siemens Mendix Runtime
ICSA-25-105-02 Siemens Industrial Edge Device Kit
ICSA-25-105-03 Siemens SIMOCODE, SIMATIC, SIPLUS, SIDOOR, SIWAREX
ICSA-25-105-04 Growatt Cloud Applications
ICSA-25-105-05 Lantronix Xport
ICSA-25-105-06 National Instruments LabVIEW
ICSA-25-105-07 Delta Electronics COMMGR
ICSA-25-105-08 ABB M2M Gateway
ICSA-25-105-09 Mitsubishi Electric Europe B.V. smartRTU
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.
April 15th, 2025 (7 days ago)
|
CVE-2025-3232 |
Description:
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Mitsubishi Electric Europe B.V.
Equipment: smartRTU
Vulnerability: Missing Authentication for Critical Function, OS Command Injection
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to disclose, tamper with, destroy or delete information in the product, or cause a denial-of-service condition on the product.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Mitsubishi Electric Europe reports the following versions of smartRTU are affected:
smartRTU: Versions 3.37 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 Missing Authentication for Critical Function CWE-306
A remote unauthenticated attacker may be able to bypass authentication by utilizing a specific API route to execute arbitrary OS commands.
CVE-2025-3232 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
A CVSS v4 score has also been calculated for CVE-2025-3232. A base score of 8.7 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H).
3.2.2 Improper Neutralization of Special Elements used in an OS Command CWE-78
A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS commands to disclose, tamper with, destroy or delete information in Mitsubishi Electr...
April 15th, 2025 (7 days ago)
|
CVE-2025-3495 |
Description:
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Delta Electronics
Equipment: COMMGR
Vulnerability: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to remotely access the AS3000Simulator family in the COMMGR software and execute arbitrary code.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of COMMGR, a software management platform that contains virtual PLCs, are affected:
COMMGR (Version 1): All versions
COMMGR (Version 2): All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 USE OF CRYPTOGRAPHICALLY WEAK PSEUDO-RANDOM NUMBER GENERATOR (PRNG) CWE-338
The software uses insufficiently randomized values to generate session IDs. An attacker could easily brute force a session ID and load and execute arbitrary code.
CVE-2025-3495 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-3495. A base score of 9.3 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Communications, Critical Manufacturing, Energy, Healthcare and Public Health
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Ta...
EPSS Score: 0.07%
April 15th, 2025 (7 days ago)
|
CVE-2025-30511 |
Description:
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Growatt
Equipment: Cloud Applications
Vulnerabilities: Cross-site Scripting, Authorization Bypass Through User-Controlled Key, Insufficient Type Distinction, External Control of System or Configuration Setting
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to compromise confidentiality, achieve cross-site scripting, or code execution on affected devices.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Growatt products are affected:
Growatt cloud portal: Versions prior to 3.6.0
3.2 VULNERABILITY OVERVIEW
3.2.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-79
An authenticated attacker can achieve stored XSS by exploiting improper sanitization of the plant name value while adding or editing a plant.
CVE-2025-30511 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-30511. A base score of 8.7 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.2.2 Authorization Bypass Through User-Controlled Key CWE-639
An unauthenticated attacker can check the existence of usernames in the system by querying an API.
CVE-2025-31933 has been assigned to this vulnerability. A CVSS v3...
EPSS Score: 0.05%
April 15th, 2025 (7 days ago)
|
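The two Growatt findings that survive the truncation above are a stored XSS through the plant name (3.2.1, CWE-79) and an unauthenticated API that reveals whether a username exists (3.2.2, CWE-639). The added example below is written for this page, not Growatt's code: a constructed plant name carrying an event-handler payload is rendered once without and once with contextual output encoding, an assumed input policy for plant names is layered on top, and a constructed user-lookup API is shown in its enumerable form beside a response that is identical whether or not the account exists. The field names, regex and user store are assumptions.

```python
import html
import re

# Constructed attacker value for the "plant name" field named in the advisory.
MALICIOUS_PLANT_NAME = '<img src=x onerror="alert(document.cookie)">'


def render_plant_row_vulnerable(name: str) -> str:
    # CWE-79: the stored name is interpolated into the page unchanged, in both an
    # attribute and a text context, so the markup above becomes live in every
    # browser that views the plant list.
    return f'<tr><td class="plant" title="{name}">{name}</td></tr>'


def render_plant_row_safe(name: str) -> str:
    # Encode at the point of output. quote=True also escapes " and ' so the value
    # cannot close the title attribute; the same escaped string is inert as text.
    safe = html.escape(name, quote=True)
    return f'<tr><td class="plant" title="{safe}">{safe}</td></tr>'


# Assumed input policy (not Growatt's): letters, digits, space, a few punctuation marks.
PLANT_NAME_RE = re.compile(r"[A-Za-z0-9 .,'()-]{1,64}")


def validate_plant_name(name: str) -> bool:
    # Input validation is the second layer; output encoding is what actually
    # prevents XSS, because a stored value can be rendered in contexts the
    # validator never anticipated.
    return PLANT_NAME_RE.fullmatch(name) is not None


# CWE-639 as described in 3.2.2, against a constructed user store.
KNOWN_USERS = {"alice", "bob"}


def check_username_vulnerable(username: str) -> dict:
    # Distinct status and body for known vs unknown names lets an unauthenticated
    # caller enumerate accounts one request at a time.
    if username in KNOWN_USERS:
        return {"status": 200, "body": {"exists": True}}
    return {"status": 404, "body": {"error": "user not found"}}


def request_reset_uniform(username: str) -> dict:
    # Identical response either way; whether a reset mail is actually sent is
    # decided server-side and never reflected to the caller.
    _account_exists = username in KNOWN_USERS  # the out-of-band action hangs off this
    return {"status": 202, "body": {"message": "If the account exists, a reset link has been sent."}}


if __name__ == "__main__":
    print(render_plant_row_vulnerable(MALICIOUS_PLANT_NAME))
    print(render_plant_row_safe(MALICIOUS_PLANT_NAME))
    print(validate_plant_name(MALICIOUS_PLANT_NAME), validate_plant_name("Rooftop Array (North)"))
    print(check_username_vulnerable("alice"), check_username_vulnerable("mallory"))
    print(request_reset_uniform("alice") == request_reset_uniform("mallory"))
```

The encoded row still contains the attacker's text verbatim for the operator to read, which is the point: the fix is to stop the browser from parsing it, not to strip it on input.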
CVE-2025-2567 |
Description:
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Lantronix
Equipment: Xport
Vulnerability: Missing Authentication for Critical Function
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker unauthorized access to the configuration interface and cause disruption to monitoring and operations.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Lantronix products are affected:
Xport: Versions 6.5.0.7 to 7.0.0.3
3.2 VULNERABILITY OVERVIEW
3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306
An attacker could modify or disable settings and disrupt fuel monitoring and supply chain operations, disabling automatic tank gauge (ATG) monitoring. This would result in potential safety hazards in fuel storage and transportation.
CVE-2025-2567 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-2567. A base score of 9.3 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing, Energy, Transportation Systems, Water and Wastewater Systems
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: United States
3.4 RESEARCHER
Souvik Kandar from Microsec (microsec.io) reported this vulnerability to CISA.
4. MITIGATI...
EPSS Score: 0.05%
April 15th, 2025 (7 days ago)
|
Description: The dismantling of a sophisticated dark web laundering network tied to over $24 million in illicit funds has revealed just how vulnerable even the most anonymity-conscious actors can be when digital traces are left behind, particularly across encrypted messaging platforms and cloud services. Anurag Pramod Murarka, a 30-year-old Indian national operating under aliases like …
The post Dark Web Launderer Unmasked Through Apple iCloud and Messaging Apps appeared first on CyberInsider.
April 15th, 2025 (7 days ago)
|
CVE-2025-29281 |
Description: In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.
EPSS Score: 0.08% SSVC Exploitation: poc
April 15th, 2025 (7 days ago)
|
CVE-2025-28145 |
Description: Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via the partition parameter in /boafrm/formDiskFormat.
EPSS Score: 4.33%
April 15th, 2025 (7 days ago)
|
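Three entries on this page share one shape: a management route reachable without credentials (smartRTU CWE-306, Lantronix XPort CWE-306) and a request parameter spliced into an OS command (smartRTU CWE-78, the Edimax /boafrm/formDiskFormat partition parameter). The added example below is written for this page and is not the smartRTU, XPort or Edimax code: a constructed request handler dispatches a diagnostic route to a shell-built command with no authentication check, and a hardened handler authenticates before dispatch, allowlists the parameter, and passes argv as a list so the value is never parsed by a shell. The route, parameter name, token and the use of `echo` as a stand-in for the real tool are assumptions for illustration.

```python
import hmac
import re
import subprocess
from typing import Dict, Tuple

# Assumed for illustration: not the vendors' route, parameter or credential.
API_TOKEN = "constructed-admin-token"
HOST_RE = re.compile(r"[A-Za-z0-9.-]{1,253}")  # allowlist: hostname / IPv4 characters only


def run_diagnostic_vulnerable(target: str) -> str:
    # CWE-78: the parameter is spliced into a command line that /bin/sh parses.
    # `echo` stands in for the real tool (ping, mkfs, ...) so the demo is
    # harmless, but the shell still honours ';' and runs the injected command.
    out = subprocess.run(f"echo {target}", shell=True, capture_output=True, text=True)
    return out.stdout


def run_diagnostic_safe(target: str) -> str:
    # Validate against the allowlist, then pass argv as a list with no shell: the
    # value is delivered as exactly one argument, metacharacters included.
    if HOST_RE.fullmatch(target) is None:
        raise ValueError("invalid host")
    out = subprocess.run(["echo", target], capture_output=True, text=True)
    return out.stdout


def handle_vulnerable(path: str, params: Dict[str, str], headers: Dict[str, str]) -> Tuple[int, str]:
    # CWE-306: the diagnostic route is dispatched before any credential check,
    # so the command injection is reachable by a remote unauthenticated caller.
    if path == "/api/diag":
        return 200, run_diagnostic_vulnerable(params.get("host", ""))
    return 404, ""


def is_authenticated(headers: Dict[str, str]) -> bool:
    presented = headers.get("Authorization", "")
    expected = "Bearer " + API_TOKEN
    return hmac.compare_digest(presented.encode(), expected.encode())  # constant time


def handle_safe(path: str, params: Dict[str, str], headers: Dict[str, str]) -> Tuple[int, str]:
    # Order matters: authenticate every route first, validate the input, then
    # execute without a shell. Failing any step returns before a process starts.
    if not is_authenticated(headers):
        return 401, ""
    if path == "/api/diag":
        try:
            return 200, run_diagnostic_safe(params.get("host", ""))
        except ValueError:
            return 400, ""
    return 404, ""


if __name__ == "__main__":
    payload = {"host": "rtu-01; echo INJECTED"}
    auth = {"Authorization": "Bearer " + API_TOKEN}
    print(handle_vulnerable("/api/diag", payload, {}))                 # both commands run
    print(handle_safe("/api/diag", payload, {}))                       # 401: no credential
    print(handle_safe("/api/diag", payload, auth))                     # 400: fails allowlist
    print(handle_safe("/api/diag", {"host": "rtu-01.example"}, auth))  # 200: one argument
```

When auditing a device's web stack for this pattern, look for two things independently: routes that reach a handler before the authentication middleware, and any `system()`/`popen()`/`shell=True` call whose string contains request data; either alone is a finding, together they are the 9.3.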