Description: Seven zero-days. Win32 EoP. Multiple filesystem driver attacks. MMC security feature bypass. Access (again). WSL magic email RCE. Malicious RDP server.
March 11th, 2025 (4 months ago)
|
🚨 Marked as known exploited on April 10th, 2025 (3 months ago).
Description: Microsoft has released its March 2025 Patch Tuesday security updates, addressing 57 vulnerabilities across its product lineup, including six zero-day flaws that were actively exploited in the wild. The update covers security issues affecting Windows, Microsoft Office, Azure, and other components.
Microsoft fixes 6 zero-day vulnerabilities
Among the most critical fixes in this month’s update …
The post Microsoft March 2025 ‘Patch Tuesday’ Updates Fix Six Actively Exploited Flaws appeared first on CyberInsider.
March 11th, 2025 (4 months ago)
|
🚨 Marked as known exploited on April 10th, 2025 (3 months ago).
Description: Apple has released iOS 18.3.2 and iPadOS 18.3.2 to fix a zero-day vulnerability that may have been exploited in highly targeted attacks. This marks the third actively exploited zero-day Apple has patched in 2025. “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted …
The post Apple Patches Zero-Day Flaw Used in Targeted iPhone Attacks appeared first on CyberInsider.
March 11th, 2025 (4 months ago)
|
Description: DieNet Targeted the Website of Trump Winery
March 11th, 2025 (4 months ago)
|
Description: Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability
Executive summary
Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 9.0, ASP.NET Core 8.0, and ASP.NET Core 2.3. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.
A vulnerability exists in ASP.NET Core applications calling RefreshSignInAsync with an improperly authenticated user parameter that could allow an attacker to sign into another user's account, resulting in Elevation of Privilege.
Announcement
Announcement for this issue can be found at https://github.com/dotnet/announcements/issues/348
Mitigation factors
Microsoft has not identified any mitigating factors for this vulnerability.
Affected software
Any ASP.NET Core 9.0 application running on ASP.NET Core 9.0.2 or earlier.
Any ASP.NET Core application running on ASP.NET Core 8.0.13 or earlier.
Any ASP.NET Core 2.x application consuming the package Microsoft.AspNetCore.Identity version 2.3.0 or earlier.
Affected Packages
The vulnerability affects any Microsoft .NET Core project that uses any of the affected package versions listed below.
| Package name | Affected version | Patched version |
|---|---|---|
| Microsoft.AspNetCore.Identity | 2.3.0 | 2.3.1 |

ASP.NET Core 9

| Package name | Affected version | Patched version |
|---|---|---|
| Microsoft.AspNetCore.App.Runtime.linux-arm | >= 9.0.0, <= 9.0.2 | 9.0.3 |

Microsoft.AspNetCore.App.Runtime.linux-...
CVSS: HIGH (7.0) EPSS Score: 0.16%
March 11th, 2025 (4 months ago)
|