CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: anonmoose is Allegedly Selling the Data of Thumb Play
February 6th, 2025 (5 months ago)
|
|
|
Description: The current Archivist of the United States held an all-hands this week in which she still seemed to be in charge, 404 Media has learned.
February 6th, 2025 (5 months ago)
|
|
|
Description: Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023.
The total amount extorted during the first half of 2024 stood at $459.8 million, blockchain intelligence firm Chainalysis said, adding payment activity slumped after July 2024 by about 3.94%.
"The number of ransomware events increased into H2, but on-chain payments declined,
February 6th, 2025 (5 months ago)
|
|
|
Description: Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT.
The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China.
"This actor has increasingly targeted key roles
February 6th, 2025 (5 months ago)
|
|
|
Description: When it comes to protecting your company from cyberattacks, you don't have to be the fastest gazelle — you just can't afford to be the slowest.
February 6th, 2025 (5 months ago)
|
|
|
Description: British-based engineering firm IMI plc has disclosed a security breach after unknown attackers hacked into the company's systems. [...]
February 6th, 2025 (5 months ago)
|
CVE-2024-48510 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: ABB
Equipment: Drive Composer
Vulnerability: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow attackers unauthorized access to the file system on the host machine. An attacker can exploit this flaw to run malicious code, which could lead to the compromise of the affected system.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
ABB reports that the following Drive Composer products are affected:
Drive Composer entry: Version 2.9.0.1 and prior
Drive Composer pro: Version 2.9.0.1 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22
A vulnerability in drive composer can allow attackers unauthorized access to the file system on the host machine. An attacker can exploit this flaw to run malicious code, which could lead to the compromise of the affected system.
CVE-2024-48510 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2024-48510. A base score of 9.3 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
...
February 6th, 2025 (5 months ago)
|
|
CVE-2025-0896 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 9.2
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Orthanc
Equipment: Orthanc Server
Vulnerability: Missing Authentication for Critical Function
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify records, or cause a denial-of-service condition.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Orthanc products are affected:
Orthanc server: Versions prior to 1.5.8
3.2 VULNERABILITY OVERVIEW
3.2.1 MISSING AUTHENTICATION FOR CRITICAL FUNCTION CWE-306
Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker.
CVE-2025-0896 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-0896. A base score of 9.2 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Healthcare and Public Health
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Belgium
3.4 RESEARCHER
Amitay Dan reported this vulnerability to Orthanc.Souvik Kandar reported this vulnerability to CISA.
4. MITIGATIONS
Orthanc recommends that users update to the latest version or enable the HTTP authent...
EPSS Score: 0.04%
February 6th, 2025 (5 months ago)
|
|
CVE-2025-0994 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v4 8.6
ATTENTION: Exploitable remotely/low attack complexity/known public exploitation
Vendor: Trimble
Equipment: Cityworks
Vulnerability: Deserialization of Untrusted Data
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an authenticated user to perform a remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Trimble Cityworks, an asset and work management system, are affected:
Cityworks: All versions prior to 23.10
3.2 VULNERABILITY OVERVIEW
3.2.1 DESERIALIZATION OF UNTRUSTED DATA CWE-502
Trimble Cityworks versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.
CVE-2025-0994 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
A CVSS v4 score has also been calculated for CVE-2025-0994. A base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Water and Wastewater Systems
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: United States
3.4 RESEARCHER
Trimble reported this vulnerability to CISA.
4. MITIGATIONS
Cityworks has released the following update guidance...
EPSS Score: 1.32%
February 6th, 2025 (5 months ago)
|
|
CVE-2024-9005 |
Description: View CSAF
1. EXECUTIVE SUMMARY
CVSS v3 7.1
ATTENTION: Exploitable remotely
Vendor: Schneider Electric
Equipment: EcoStruxure Power Monitoring Expert (PME)
Vulnerability: Deserialization of Untrusted Data
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to remotely execute code.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Schneider Electric reports that the following products are affected:
EcoStruxure Power Monitoring Expert (PME): Versions 2022 and prior
3.2 VULNERABILITY OVERVIEW
3.2.1 DESERIALIZATION OF UNTRUSTED DATA CWE-502
A deserialization of untrusted data vulnerability exists which could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server.
CVE-2024-9005 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been assigned; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critical Manufacturing, Energy
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: France
3.4 RESEARCHER
Schneider Electric CPCERT reported this vulnerability to CISA.
4. MITIGATIONS
Schneider Electric has identified the following specific workarounds and mitigations users can apply to reduce risk:
EcoStruxure Power Monitoring Expert 2021 and prior have reached end-of-life support. Users should consider upgrading to the latest version offering of PME to resolve this issue...
EPSS Score: 0.1%
February 6th, 2025 (5 months ago)
|