News

Microsoft Patch Day: Over 1,000 security updates in February 2025
B2B Cyber Security ShortNews

From February 6th to 11th, Microsoft provided 1,212 notices and security updates for its services and systems on Patch Day. Among them are 55 critical vulnerabilities which, according to the description, allow code to be executed remotely. The list is very long and not easy to keep track of: Microsoft currently lists a total of 1,212 vulnerabilities in its security updates for February. Most of these are closed for individual devices through the automatic operating system update. However, system administrators should pay particular attention to the 55 critical vulnerabilities, 21 of which alone affect the security of Microsoft...

Lexmark devices with five dangerous vulnerabilities

Lexmark reports one critical and four highly dangerous vulnerabilities for its devices. All of them allow remote code execution, and the critical vulnerability with a CVSS value of 9.1 gives attackers two options. Firmware updates are available. The list published by Lexmark is unfortunately a bit confusing. The manufacturer lists the gaps in one list, but without a severity level and without a date. Many of the gaps have therefore been known for a long time. The first five entries are new, starting with the critical 9.1 gap. Over 100 Lexmark models are affected...

SonicWall firewall appliance with critical vulnerability

SonicWall has reported a critical 9.8 vulnerability in the SMA1000 appliance. SonicWall has released a corresponding update that should be used immediately. SMA100 appliances are not affected by the vulnerability. SonicWall has discovered a serious security vulnerability (SNWLID-2025-0002) in its SMA1000 network security solutions. This vulnerability could allow attackers to gain unauthorized access to affected systems, which could lead to potential data loss or manipulation. The vulnerability has a critical CVSS score of 9.8 out of 10 and should therefore be addressed immediately. Critical vulnerability - immediately...

Oracle releases 318 security updates in January

The list of 318 security updates does not immediately show the risk ratings with CVSS values, but a look at the descriptions quickly shows that the package contains a large number of critical updates with ratings between 9.0 and 10, as well as many highly dangerous vulnerabilities. The Oracle Critical Patch Update from January 2025 contains 318 security updates for numerous products. A risk matrix shows the affected components and CVSS scores for risk assessment. Workarounds offer temporary protection measures if direct patching is not possible. Oracle emphasizes the importance of prompt updates, as attacks on known vulnerabilities continue to be observed...

SAP patches in January close critical gaps

SAP has published its January list of vulnerabilities, including two critical ones with a CVSS score of 9.9 out of 10, as well as three highly dangerous gaps from 7.8 to 8.8 out of 10. Patches are available and should be installed urgently. SAP published thirteen new SAP security notices on the first patch day in 2025, including two critical gaps with a CVSS score of 9.9 and three highly dangerous vulnerabilities. A further six gaps are of medium danger, and another is of low danger. SAP is already providing updates.

Two critical vulnerabilities with a CVSS score of 9.9

The first critical security notice CVE-2025-0070 with a CVSS score of 9.9 addresses a…

Moxa industrial switch with critical 9.2 vulnerability

Moxa, a provider of industrial switches, reports a critical vulnerability with a CVSS base score of 9.2 out of 10 in its security advisory. Hackers could break in using brute force attacks. The currently available security patch should be installed immediately. In mid-January 2025, Moxa published a security notice with the ID MPSA-241407, which concerns a critical security vulnerability in the EDS-508A series. This vulnerability, CVE-2024-12297, allows attackers to bypass authentication and gain unauthorized access to the system. All firmware versions up to and including 3.11 are affected. The vulnerability CVE-2024-12297 is classified as critical with a CVSS base score of 9.2...

FortiOS and FortiProxy: Attacks on zero-day vulnerability

The BSI has already issued the second highest warning level, orange, for the actively exploited vulnerabilities in FortiOS and FortiProxy. The zero-day vulnerability CVE-2024-55591 is rated 9.6 out of 10 according to CVSS and is therefore critical. According to the BSI warning, Fortinet published an advisory on January 14th about a vulnerability in FortiProxy and FortiOS, the operating system used on the FortiGate firewall product range, among others. The vulnerability with the identifier CVE-2024-55591 was rated critical at 9.6 according to the Common Vulnerability Scoring System (CVSS) and allows an unauthenticated attacker to gain super admin privileges. It is…

BSI: Critical 9.3 vulnerability in Palo Alto Networks Expedition

The BSI warns urgently about a critical vulnerability in the next-generation firewall (NGFW) platform Palo Alto Networks Expedition with a CVSS score of 9.3 out of 10. Palo Alto itself only rates the threat as 7.8 and as highly dangerous. The BSI writes in its warning about the next-generation firewall (NGFW) platform "Palo Alto Networks Expedition" with a critical CVSS score of 9.3: "A remote, anonymous attacker can exploit several vulnerabilities in Palo Alto Networks Expedition to manipulate data, disclose information, conduct a cross-site scripting attack, or execute commands."

Palo Alto Networks provides security advisory

On January 8, 2025, Palo Alto Networks published a security warning...

CISA warns: Fortinet products with critical 9.8 security vulnerability 

The critical security vulnerability CVE-2024-23113 in various versions of FortiOS, FortiPAM, FortiProxy and FortiWeb has been known since February, but according to CISA it is currently being exploited. Fortinet provides all the information to close the gaps. According to the experts at Fortinet, the security vulnerability "Formatting string error in fgfmd" is very dangerous. The critical security vulnerability has a CVSS 3.1 score of 9.8 out of 10. Fortinet has listed the vulnerability and also provides a workaround for the affected versions. The vulnerability affects various versions of FortiOS, FortiPAM, FortiProxy and FortiWeb. The update overview lists exactly the affected...

Cisco licensing tool with critical 9.8 vulnerabilities

Cisco reports critical vulnerabilities in the Cisco Smart Licensing Utility that achieve a CVSS score of 9.8 out of 10. These vulnerabilities allow an unauthenticated, remote attacker to collect sensitive information or gain administrative rights over the software. Updates are available. On September 4, 2024, Cisco published two vulnerabilities that pose a serious security risk. The Smart Licensing Utility allows attackers to either gain administrative control or intercept sensitive information from the logs without authentication. Since there are no workarounds, customers should urgently install the software updates published by Cisco to protect their...
