All news with #authentication bypass tag
Wed, December 10, 2025
Fortinet, Ivanti, and SAP Release Emergency Patches
🔐 Fortinet, Ivanti, and SAP have released urgent patches to address high-severity authentication and code-execution flaws affecting FortiOS, FortiWeb, FortiProxy, FortiSwitchManager, Ivanti Endpoint Manager, and multiple SAP products. Fortinet's issues (CVE-2025-59718, CVE-2025-59719; CVSS 9.8) can allow FortiCloud SSO bypass via crafted SAML messages when that feature is enabled. Ivanti patched a stored XSS (CVE-2025-10573; CVSS 9.6) and additional bugs that could lead to remote code execution, while SAP's update remedies three critical flaws including a 9.9 CVSS code injection. Administrators are urged to apply vendor updates or temporarily disable affected features until systems are patched.
Thu, December 4, 2025
Sunbird DCIM dcTrack and Power IQ: Critical Flaws (2025)
🔒 CISA warns of two critical vulnerabilities in Sunbird DCIM dcTrack and Power IQ appliances that could enable unauthorized access or credential theft. One is an authentication bypass via alternate remote-access channels (CVE-2025-66238); the other involves hard‑coded/default credentials (CVE-2025-66237) with a CVSS v4 high score of 8.4. Sunbird has released fixes (dcTrack 9.2.3, Power IQ 9.2.1); until systems are updated, CISA recommends restricting SSH and nonessential ports, changing deployment passwords, isolating control networks behind firewalls, and using secure VPNs for remote access.
Wed, November 26, 2025
ASUS warns of critical auth bypass in AiCloud routers
⚠️ ASUS has released firmware updates to remediate nine vulnerabilities, including a critical authentication bypass (CVE-2025-59366) affecting routers with AiCloud enabled. The flaw is caused by an unintended Samba side effect and can be exploited by unauthenticated remote attackers chaining a path traversal and an OS command injection in low-complexity attacks. Users should apply the provided firmware (3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102) immediately or follow ASUS mitigation guidance for end-of-life models.
Mon, November 24, 2025
Critical Fluent Bit Vulnerabilities Expose Telemetry Risk
⚠️ Fluent Bit, a widely deployed telemetry agent, has multiple critical vulnerabilities disclosed by Oligo Security affecting inputs, tag processing and output handling. Patches are available in Fluent Bit v4.1.1 and v4.0.12 released in early October 2025; older releases remain at risk. Operators are advised to update immediately, avoid dynamic tags, lock down output file parameters, run with least privilege and mount configuration directories read-only to reduce exposure.
Fri, November 14, 2025
ASUS Warns of Critical Auth-Bypass in DSL Routers
⚠️ ASUS has released new firmware to patch a critical authentication bypass vulnerability tracked as CVE-2025-59367 that enables remote, unauthenticated attackers to log into vulnerable DSL routers exposed online. The update — firmware 1.1.2.3_1010 — addresses the issue for DSL-AC51, DSL-N16, and DSL-AC750. ASUS urges users to install the update immediately and, if they cannot, to disable Internet-facing services (remote access, port forwarding, DDNS, VPN server, DMZ, FTP) and use strong, unique passwords as temporary mitigations.
Fri, November 7, 2025
Cisco Fixes Critical Authentication and RCE Flaws in CCX
🔒 Cisco has released security updates for Unified Contact Center Express (CCX) to address two critical vulnerabilities that can enable authentication bypass and remote code execution as root. The company issued software updates 15.0 ES01 and 12.5 SU3 ES07 and urged customers to apply them immediately. Cisco also fixed four medium-severity issues across CCX, CCE and UIC, and warned of a new attack variant affecting ASA and FTD devices tied to earlier patches.
Tue, November 4, 2025
Critical Auth Bypass in JobMonster WordPress Theme Attack
🔒 Threat actors are actively exploiting a critical authentication bypass in the JobMonster WordPress theme (CVE-2025-5397) that can lead to administrator account takeover under specific conditions. The flaw affects all versions up to 4.8.1 and is caused by the theme's check_login() function trusting external social login data without proper verification. To succeed, attackers typically need social login enabled and knowledge of an admin username or email. The issue is fixed in 4.8.2; immediate mitigations include upgrading, disabling social login, enabling two‑factor authentication, rotating credentials, and reviewing access logs.
Tue, October 21, 2025
Raisecom RAX701-GC SSH Authentication Bypass Vulnerability
🔒 A critical authentication bypass in Raisecom RAX701-GC devices permits SSH sessions without completing user authentication, potentially granting unauthenticated root shell access. The flaw is tracked as CVE-2025-11534 with a CVSS v3.1 score of 9.8 and CVSS v4 score of 9.3, exploitable remotely with low attack complexity. Affected firmware versions include 5.5.27_20190111, 5.5.13_20180720, and 5.5.36_20190709. CISA recommends isolating affected devices from the internet, placing control networks behind firewalls, and using secure remote access methods such as updated VPNs while contacting vendor support.
Mon, October 20, 2025
Legacy Flaws in Network Edge Devices Threaten Orgs Today
🔒 Enterprises' network edge devices — firewalls, VPNs, routers, and email gateways — are increasingly being exploited due to longstanding 1990s‑era flaws such as buffer overflows, command and SQL injections. Researchers tracked dozens of zero‑day exploits in 2024 and continuing into 2025 that affected vendors including Fortinet, Palo Alto Networks, Cisco, Ivanti, and others. These appliances are attractive targets because they are remotely accessible, often lack endpoint protections and centralized logging, and hold privileged credentials, making them common initial access vectors for state‑affiliated actors and ransomware groups.
Thu, October 2, 2025
Raise3D Pro2 Series Authentication Bypass Advisory
⚠️ CISA warns of a high-severity authentication bypass in Raise3D Pro2 Series 3D printers caused by an unauthenticated debug port that can expose the device file system. The flaw, CVE-2025-10653, has a CVSS v4 score of 8.8 and is remotely exploitable with low complexity when developer mode is enabled. Raise3D is developing firmware fixes; users should disable developer mode and limit network access until patched.
Tue, September 30, 2025
LG Innotek Cameras Authentication Bypass Vulnerability
🔒 An authentication bypass vulnerability (CVE-2025-10538) affects LG Innotek camera models LND7210 and LNV7210R (all versions). CISA rates the issue as remotely exploitable with low attack complexity — CVSS v4 base score 8.8 — and warns an attacker could gain administrative access and obtain user account information. LG Innotek has classified these models as end-of-life and no patch is available; CISA recommends reducing network exposure, isolating devices behind firewalls, and using secure remote access methods such as VPNs while performing risk assessments.
Tue, September 9, 2025
ABB Cylon Aspect BMS/BAS: High-Risk Firmware Flaws
🛡️ ABB has disclosed critical vulnerabilities in its ASPECT, NEXUS, and MATRIX building management and automation products that permit authentication bypass, unauthenticated critical functions, and a classic buffer overflow. Assigned CVEs include CVE-2025-53187, CVE-2025-7677, and CVE-2025-7679 with CVSS v4 scores up to 9.3. ABB resolved CVE-2025-53187 in firmware 3.08.04-s01 and recommends updating affected devices, avoiding direct Internet exposure, restricting network access segments, requiring VPN-based remote access, and changing default credentials to reduce risk.