All news with #denial of service tag

🔴 Verizon Wireless is experiencing a widespread outage across the United States, leaving affected phones displaying an SOS indicator and unable to make normal cellular calls. Reports to DownDetector began around 12 PM ET, and callers attempting to reach impacted numbers hear a recording that the called party is temporarily unavailable. The disruption appears to span multiple states rather than a single region, and some other carriers also showed issues during similar timeframes. Verizon has been contacted and the incident is under investigation.

🔒 Siemens SIMATIC and SIPLUS ET 200 family devices contain a denial-of-service vulnerability triggered by a valid S7 protocol Disconnect Request (COTP DR TPDU) received on TCP port 102. Affected modules can enter an improper session state and become unresponsive, requiring a power cycle to recover. Siemens has released firmware updates for multiple affected products and recommends applying vendor-released fixes; where updates are not available, network mitigations such as filtering TCP port 102 to trusted addresses and isolating control networks are advised.

⚠️ Node.js has released critical updates to address a bug that can force the runtime to exit rather than throw a catchable error when a stack overflow occurs with async_hooks enabled. The defect causes Node.js to terminate with exit code 7, creating a potential Denial-of-Service vector for applications whose recursion is controlled by unsanitized input. A fix is available in Node.js 20.20.0, 22.22.0, 24.13.0, and 25.3.0; older, EOL releases remain vulnerable. Users and maintainers are urged to update promptly.

⚠️ Researchers at Black Duck's Cybersecurity Research Center found a high-severity flaw in Broadcom WiFi chipset software that lets an unauthenticated attacker within radio range disable all clients on the 5 GHz band by sending a single crafted 802.11 frame. The behavior was observed while testing ASUS routers but was traced to Broadcom's chipset code rather than router firmware. Broadcom issued a patched software build to customers and ASUS released firmware updates, although a comprehensive list of affected devices has not been published. Recommended mitigations include segmenting wireless networks, auditing legacy access points, and prioritizing firmware updates based on business criticality.

⚠️ CISA warns of a high-severity denial-of-service vulnerability in Rockwell Automation 432ES-IG3 Series A (CVE-2025-9368) that can render the device unresponsive and requires a manual power cycle to recover. The issue affects firmware V1.001 and has a CVSS v3.1 base score of 7.5 (High). Rockwell Automation has released a firmware update; CISA advises implementing network segmentation, firewalling, and secure remote access while planning the upgrade.

⚠️ Multiple Cisco switch models are entering reboot loops after an apparent firmware bug in the internal DNS client began treating DNS lookup failures as fatal errors. The problem began around 2 AM and affected devices log fatal DNS_CLIENT errors (for example 'SRCADDRFAIL' when resolving 'www.cisco.com'), then reboot every few minutes, seriously disrupting network operations. Administrators report affected lines include CBS, SG and Catalyst C1200/C1300 series. Temporary mitigations include disabling DNS or SNTP on management interfaces or blocking outbound management access while Cisco investigates.

🔴 La Poste's main website and multiple digital services were taken offline by a major DDoS attack on Monday, and access remained impaired as of Wednesday morning. While email (laposte.net) and Digiposte reportedly stayed operational, online banking, the La Poste app and digital identity services were described as "temporarily inaccessible." The incident also disrupted physical operations, with some Paris post offices turning customers away. La Poste says teams are fully mobilized while analysts warn the timing suggests possible state-sponsored or hacktivist motives.

⚠️Siemens warns of a TCP sequence validation flaw in the Interniche IP-Stack (CVE-2025-40820) that can allow unauthenticated remote actors to interfere with TCP connection setup and cause denial of service. The defect accepts a broad range of sequence values, permitting precisely timed spoofed packets to disrupt TCP-based services. Siemens has released fixes for many affected SKUs and recommends updating to the published firmware versions; where fixes are not yet available, follow the vendor’s countermeasures and apply network controls to limit exposure.

🔒 CISA warns of two denial-of-service vulnerabilities in Rockwell Automation Micro820, Micro850, and Micro870 controllers (CVE-2025-13823, CVE-2025-13824) that can render devices unresponsive. One flaw is in the IPv6 stack and the other stems from improper handling of malformed CIP packets; both can cause faults that impact availability. Rockwell Automation has released firmware updates (Micro820 L20E V23.011 or later; Micro850/870 V12.013 or later) and advises disabling IPv6 if not required. CISA recommends minimizing network exposure, isolating control networks behind firewalls, and using secure remote access methods.

⚠️ A vulnerability in the web interface of Güralp Systems Fortimus, Minimus, and Certimus Series (CVE-2025-14466) allows an unauthenticated network attacker to send specially crafted HTTP requests that cause the web service process to restart. The restart produces a brief denial-of-service condition with a CVSS v3.1 base score of 5.3 (Medium). Güralp recommends operating affected systems behind a NAT or VPN firewall and contacting the vendor for further guidance. CISA advises minimizing network exposure, isolating control networks, and using secure, up-to-date remote access methods.

⚠️ The React team released patches for three vulnerabilities affecting React Server Components that could enable pre-authentication denial-of-service and disclosure of Server Function source code. Two high-severity DoS issues arise from unsafe deserialization and an incomplete remediation, while a lower-severity information-leak bug can return function source when arguments are stringified. The flaws impact react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack across multiple 19.x releases. Users are urged to upgrade to 19.0.3, 19.1.4, or 19.2.3 immediately, especially given active exploration of a related critical bug.

🔒 A vulnerability in the Grassroots DICOM (GDCM) library (CVE-2025-11266) allows an out-of-bounds write when parsing malformed encapsulated PixelData fragments. Exploitation can trigger a segmentation fault and a denial-of-service simply by opening a crafted DICOM file. Affected projects include GDCM (<=3.0.24), SimpleITK (<=2.5.2) and medInria (<=4.0). Users should update GDCM to v3.2.2 or later and apply vendor fixes; CISA also recommends isolating systems and minimizing network exposure.

⚠️ The PCI Special Interest Group (PCI-SIG) disclosed three vulnerabilities in the PCIe Integrity and Data Encryption (IDE) ECN that affect PCIe Base Specification Revision 5.0 and later, potentially allowing reordering, completion timeout redirection, and delayed posted redirection of encrypted PCIe traffic. The issues, tracked as CVE-2025-9612, CVE-2025-9613, and CVE-2025-9614, could permit information disclosure, privilege escalation, or denial of service if an attacker gains local or low-level access. Intel and AMD products are listed as affected; vendors should provide firmware updates and users must apply patches and follow PCIe 6.0 Erratum #1 guidance.

🚨 Cloudflare is experiencing an outage that is causing many websites to return an 500 Internal Server Error. The fault appears to be server-side and affects requests routed through Cloudflare, so users see an error page instead of normal content. Engineers at the provider are investigating the root cause and working to restore normal operations. This remains a developing situation and impacted sites may be unavailable until services are recovered.

⚠️ SonicWall has released patches for a high-severity SonicOS SSLVPN vulnerability (CVE-2025-40601) that can trigger a stack-based buffer overflow and remotely crash Gen7 and Gen8 firewalls. The company says the flaw allows a remote unauthenticated attacker to cause a DoS but reports no active exploitation or public PoC. Fixed versions are 7.3.1-7013+ for Gen7 and 8.0.3-8011+ for Gen8; admins unable to patch should disable SSLVPN or restrict access.

⚠️ A remote-accessible out-of-bounds read vulnerability (CVE-2025-12056) in Shelly Pro 3EM can be triggered by a specially crafted Modbus request to force the device to access illegal memory addresses and reboot. CISA assigns a CVSS v4 score of 8.3 and warns this may result in a denial-of-service condition. Shelly did not respond to coordination; users should contact the vendor, keep devices updated, minimize network exposure, and follow recommended ICS defensive practices.

⚠ A vulnerability in Shelly Pro 4PM (CVE-2025-11243) can cause device reboots and denial-of-service conditions. Due to insufficient input bounds checking in the device's JSON parser, specially crafted RPC requests can trigger memory overallocation and force a reboot. Devices running firmware prior to v1.6 are affected; CISA notes the exploit is reachable from adjacent networks with low attack complexity. Operators should update to v1.6.0 or later and limit network exposure.

⚠ Rockwell Automation reported a remotely exploitable vulnerability (CVE-2024-22019) in FactoryTalk Policy Manager that can lead to resource exhaustion and denial of service. The issue stems from Node.js HTTP handling of chunked transfer encoding (CWE-404) that permits unbounded reads from a single connection. Affected releases include Version 6.51.00 and earlier; Rockwell corrected the issue in Version 6.60.00. CISA assigns a high severity rating (CVSS v4 8.7) and recommends upgrading, minimizing network exposure, and isolating control networks behind firewalls.

🚨 Mitsubishi Electric disclosed a TCP communication vulnerability (CVE-2025-10259) in the MELSEC iQ-F Series CPU modules that can be triggered remotely to disconnect a session and cause a denial-of-service condition. The issue is remotely exploitable with low attack complexity and carries a CVSS v3.1 base score of 5.3. Mitsubishi recommends using VPNs and limiting physical and LAN access while applying vendor guidance and assessing risk.

⚠️ Cisco warned that two recently patched firewall vulnerabilities (CVE-2025-20362 and CVE-2025-20333) — previously leveraged in zero-day intrusions — are now being abused to force ASA and FTD devices into unexpected reboot loops, causing denial-of-service. The vendor issued updates on September 25 and strongly urged customers to apply fixes immediately. CISA issued an emergency 24-hour directive for U.S. federal agencies and ordered EoS ASA devices to be disconnected. Shadowserver still reports tens of thousands of internet-exposed, unpatched devices.