Cisco fixes Twin ISE Vulnerabilities

Cisco has recently addressed two critical vulnerabilities in its Identity Services Engine (ISE), identified as CVE-2025-20124 and CVE-2025-20125. These vulnerabilities pose significant security risks, as they could allow attackers to execute arbitrary commands with elevated privileges and bypass authorization mechanisms on affected devices. Details of the Vulnerabilities CVE-2025-20124: Insecure Deserialization Vulnerability CVE-2025-20125: Authorization Bypass Vulnerability […]

Cisco addressed two critical flaws in its Identity Services Engine (ISE)

securityaffairs.co - 06/Feb 15:42

Cisco addressed critical flaws in Identity Services Engine, preventing privilege escalation and system configuration changes. Cisco addressed multiple...

Critical Cisco ISE bug can let attackers run commands as root

bleepingcomputer.com - 06/Feb 16:40

Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass...

CVE-2025-24085 Apple fixes Critical Zeroday

thecyberthrone.in - 28/Jan 01:20

Background CVE-2025-24085 is a critical zero-day vulnerability identified in Apple’s Core Media framework. This framework is integral to the...

Google Patched Linux Kernel RCE Vulnerability In Android Allow Attackers Gain Read/Write Access

itsecuritynews.info - 04/Feb 12:31

Google has released its February 2025 Android Security Bulletin, which addresses 47 vulnerabilities impacting Android devices. A notable issue is a...

Vulnerability Summary for the Week of January 20, 2025

itsecuritynews.info - 27/Jan 18:36

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info aEnrich Technology–a+HRD The a+HRD from aEnrich...

VMware Aria Vulnerabilities Addressed

thecyberthrone.in - 31/Jan 12:19

VMware Security Advisory VMSA-2025-0003 addresses multiple vulnerabilities identified in VMware Aria Operations for Logs and VMware Aria Operations....

FortiOS Authentication Bypass Vulnerability Exploited to Gain Super-Admin Access

itsecuritynews.info - 28/Jan 05:33

A critical zero-day vulnerability in Fortinet’s FortiOS and FortiProxy products tracked as CVE-2024-55591, has been actively exploited in the wild,...

TeamViewer Windows App Let Attackers Escalate Privileges to System User

itsecuritynews.info - 30/Jan 09:07

A critical security vulnerability has been identified in TeamViewer Clients for Windows, allowing attackers with local access to escalate their...

VMware Aria Operations Vulnerabilities Let Attackers Perform Admin Operations

itsecuritynews.info - 31/Jan 08:15

Broadcom has addressed multiple vulnerabilities in its VMware Aria Operations for Logs and VMware Aria Operations products. These vulnerabilities,...

U.S. CISA adds Linux kernel flaw to its Known Exploited Vulnerabilities catalog

securityaffairs.co - 05/Feb 21:00

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S....

Rubriques :