CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-0994 |
Description:
CISA is collaborating with private industry partners to respond to reports of exploitation of a vulnerability (CVE-2025-0994) discovered by Trimble impacting its Cityworks Server AMS (Asset Management System). Trimble has released security updates and an advisory addressing a recently discovered a deserialization vulnerability enabling an external actor to potentially conduct remote code execution (RCE) against a customer’s Microsoft Internet Information Services (IIS) web server.
CISA has added CVE-2025-0994 to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CISA strongly encourages users and administrators to search for indicators of compromise (IOCs) and apply the necessary updates and workarounds.
Review the following article for more information:
Trimble Advisory and IOCs for Vulnerability Affecting Cityworks Deployments
The Symantec Threat Hunter team, part of Broadcom, contributed to this guidance.
CVSS: HIGH (8.6) EPSS Score: 1.32%
February 7th, 2025 (4 months ago)
|
|
Description: Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. [...]
February 7th, 2025 (4 months ago)
|
|
CVE-2025-0994 |
Description: Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.
CVSS: HIGH (8.6) EPSS Score: 1.32%
February 7th, 2025 (4 months ago)
|
|
|
Description: Microsoft has shared a workaround for users affected by a known issue that blocks Windows security updates from deploying on some Windows 11 24H2 systems. [...]
February 7th, 2025 (4 months ago)
|
|
|
Description: Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible resources, thereby putting their applications in attackers' pathway.
The tech giant's threat intelligence team said it observed limited activity in December 2024 that involved an unknown threat actor using a publicly available, static ASP.NET
February 7th, 2025 (4 months ago)
|
|
|
Description: Microsoft Edge 133 is now rolling out globally, and it ships with several improvements, including a new scareware blocker feature. In addition, Microsoft is updating the backend of the Downloads UI with performance improvements. [...]
February 7th, 2025 (4 months ago)
|
|
|
Description: Microsoft Threat Intelligence has identified a security risk involving publicly available ASP.NET machine keys, which have been exploited in code injection attacks. Microsoft’s security researchers observed limited malicious activity in December 2024, when a threat actor leveraged a publicly disclosed ASP.NET machine key to perform a ViewState code injection attack. During the investigation, Microsoft found …
The post Microsoft Warns of Code Injection via Exposed ASP.NET Keys appeared first on CyberInsider.
February 7th, 2025 (4 months ago)
|
|
CVE-2025-21408 |
Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.13%
February 7th, 2025 (4 months ago)
|
|
CVE-2025-21404 |
Description: Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS: MEDIUM (4.3) EPSS Score: 0.05%
February 7th, 2025 (4 months ago)
|
|
CVE-2025-21342 |
Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS: HIGH (8.8) EPSS Score: 0.13%
February 7th, 2025 (4 months ago)
|