All news with #security advisory tag

TP-Link fixes four critical Omada Gateway vulnerabilities

🔒 TP-Link has published firmware updates to address four security flaws in its Omada gateway devices, including two critical command injection vulnerabilities that could allow arbitrary command execution on the device OS. The issues are tracked as CVE-2025-6541, CVE-2025-6542, CVE-2025-7850 and CVE-2025-7851, affecting multiple ER, FR and G-series models. Users are urged to install the patched builds promptly and verify device configurations after upgrading.

TP-Link Omada Gateways Vulnerable to Critical RCE Flaw

⚠️ TP-Link has disclosed two command injection vulnerabilities affecting Omada gateway devices that allow execution of arbitrary OS commands. One issue, CVE-2025-6542 (CVSS 9.3), can be exploited remotely without authentication; the other, CVE-2025-6541 (CVSS 8.6), requires access to the web management interface. Thirteen models are listed as impacted and TP-Link has released firmware updates to address the flaws; administrators are urged to apply patches and verify configurations after upgrading.

CISA Confirms Exploitation of Oracle E-Business SSRF Flaw

🔒 CISA has confirmed active exploitation of CVE-2025-61884, an unauthenticated SSRF in the Oracle Configurator runtime, and added it to its Known Exploited Vulnerabilities catalog. Federal agencies are required to patch the issue by November 10, 2025. Oracle released a fix on October 11 rated 7.5 and BleepingComputer says the update blocks a leaked exploit tied to ShinyHunters and related extortion activity.

Cursor, Windsurf IDEs Exposed to 94+ Chromium Flaws

⚠️ The latest releases of Cursor and Windsurf IDEs embed outdated Chromium and V8 engines that contain at least 94 known, patched vulnerabilities. Ox Security researchers demonstrated a proof‑of‑concept exploiting CVE-2025-7656 (a Maglev JIT integer overflow) to crash Cursor, and warn that similar flaws could enable denial‑of‑service or arbitrary code execution in real attacks. Attack vectors include deeplinks, malicious extensions, poisoned README previews or documentation; the two IDEs together serve an estimated 1.8 million developers. Cursor dismissed the DoS finding as out of scope and Windsurf did not respond to inquiries.

Updates enforce SID checks, causing Windows login failures

🔒 Microsoft confirmed that Windows updates released on and after August 29, 2025 enforce additional SID checks that can break Kerberos and NTLM authentication on devices with duplicate Security Identifiers (SIDs). Affected systems — including Windows 11 24H2, Windows 11 25H2, and Windows Server 2025 — may experience failed Remote Desktop sessions, SEC_E_NO_CREDENTIALS event errors, and "access denied" messages. The fault commonly arises when images are duplicated without using Sysprep. Microsoft recommends rebuilding impacted machines with supported imaging procedures or obtaining a temporary Group Policy from Support as an interim measure.

Microsoft October 2025 Patch Causes Enterprise Failures

🚨 The October 2025 Windows security update KB5066835, intended to move cryptography from CSP to KSP, is causing widespread enterprise disruption. Affected platforms — including Windows 10 (22H2), Windows 11 (23H2–25H2) and several Windows Server releases — report smartcard and certificate failures, USB mouse/keyboard loss in WinRE, IIS ERR_CONNECTION_RESET and WUSA installation errors. Microsoft published a registry workaround (DisableCapiOverrideForRSA=0) and an out‑of‑band update (KB5070773) for some issues, but urges caution and recommends thorough testing before broad deployment.

Raisecomm RAX701-GC SSH Authentication Bypass Vulnerability

🔒 A critical authentication bypass in Raisecomm RAX701-GC devices permits SSH sessions without completing user authentication, potentially granting unauthenticated root shell access. The flaw is tracked as CVE-2025-11534 with a CVSS v3.1 score of 9.8 and CVSS v4 score of 9.3, exploitable remotely with low attack complexity. Affected firmware versions include 5.5.27_20190111, 5.5.13_20180720, and 5.5.36_20190709. CISA recommends isolating affected devices from the internet, placing control networks behind firewalls, and using secure remote access methods such as updated VPNs while contacting vendor support.

CISA Releases 10 ICS Advisories Covering Multiple Vendors

🔔 CISA released 10 Industrial Control Systems (ICS) advisories providing technical details about vulnerabilities, impacts, and mitigations affecting multiple vendors. Notable entries include Rockwell Automation products (1783-NATR, Compact GuardLogix 5370), Siemens devices (SIMATIC S7-1200, RUGGEDCOM ROS), Schneider Electric Modicon controllers and HMI software, plus camera and networking products. Administrators should review each advisory and apply recommended mitigations promptly.

CloudEdge Online Cameras/App—MQTT Wildcard Credential Risk

🔒 The CloudEdge mobile app (v4.4.2) and associated online cameras contain a credential exposure flaw assigned CVE-2025-11757 that stems from improper MQTT topic handling (CWE-155). Unsanitized topic input allows an attacker to use MQTT wildcards to subscribe to other users' messages and extract credentials and key material, enabling remote access to live feeds and camera controls. CISA calculated a CVSS v4 base score of 8.7 and highlights low attack complexity and remote exploitability. Users are advised to minimize network exposure, isolate devices behind firewalls, employ secure remote access methods such as VPNs with caution, and contact Meari Technologies support at support@mearitek.com.

Rockwell Automation 1783-NATR: Critical Remote Flaws

⚠️ Rockwell Automation's 1783-NATR network adapter contains multiple high-severity vulnerabilities, including missing authentication for critical functions, stored XSS, and CSRF. CISA assigns CVSS v4 9.9 for the most severe issue and warns these flaws can be exploited remotely with low complexity to cause denial-of-service, data modification, or credential compromise. Rockwell Automation recommends upgrading to 1.007 or later; CISA advises minimizing network exposure and isolating control networks.

Rockwell Compact GuardLogix 5370 Uncaught Exception

⚠️ Rockwell Automation has disclosed an uncaught exception vulnerability in Compact GuardLogix 5370 controllers that can be triggered by a crafted CIP unconnected explicit message and may cause a non‑recoverable fault resulting in denial-of-service. The issue is tracked as CVE-2025-9124 and carries a CVSS v4 base score of 8.7, indicating remote exploitability with low complexity. Rockwell recommends upgrading affected devices to firmware 30.14 or later; organizations unable to upgrade should follow vendor security best practices and apply network isolation measures.

Critical MinKNOW Vulnerabilities Allow Remote Access and DoS

⚠️ Oxford Nanopore Technologies MinKNOW sequencing software contains multiple remotely exploitable vulnerabilities (highest CVSS v4 8.3) that can permit unauthorized access, data manipulation, and denial-of-service on affected devices. Attackers can discover devices via network scanning, exploit authentication that trusts host IPs, and reuse tokens stored in world-readable temporary files to gain persistent access or redirect sequencing output. Oxford Nanopore advises upgrading to versions later than 24.11; CISA recommends minimizing network exposure, isolating control networks, and using secure remote access methods while applying other mitigations.

Siemens RUGGEDCOM TLS and Access Control Vulnerabilities

🔒 Siemens published an advisory (republished by CISA) for multiple vulnerabilities affecting RUGGEDCOM ROS devices, including CVE-2023-52236 and several CVE-2025-4122x issues. The flaws involve risky cryptographic algorithms, improper TLS handshake handling that can cause DoS, and an access-control enforcement failure that persists until reboot. Siemens has released updates (V5.10.0+) for many models and recommends restricting management ports, disabling web/SSH services if unused, and configuring GCM ciphers where applicable. CISA reiterates standard ICS guidance to minimize network exposure and isolate control networks.

Siemens SIMATIC S7-1200 Vulnerabilities and Patches Updates

⚠️ Siemens has published an advisory for SIMATIC S7-1200 CPU V1/V2 devices describing two high-severity vulnerabilities: an Improper Input Validation flaw (CVE-2011-20001) that can force a controller into a stop/defect state via malformed HTTP traffic, and an Authentication Bypass by Capture-Replay (CVE-2011-20002) that allows replay of engineering commands. CVSS v4 scores are high (up to 8.7); Siemens recommends updating firmware (V2.0.3/V2.0.2) and disabling the web server where possible, while CISA advises network segmentation, firewalling, and avoiding direct Internet exposure.

Critical WatchGuard Fireware OS RCE via IKEv2 VPN Exploit

🔴 A critical out-of-bounds write vulnerability (CVE-2025-9242) in WatchGuard Fireware OS could allow remote code execution via IKEv2 mobile VPN and Branch Office VPN when configured with dynamic gateway peers. Affected releases include Fireware OS 11.10.2 through 11.12.4_Update1, 12.0 through 12.11.3 and 2025.1, and WatchGuard warns devices previously configured with these peers may remain vulnerable. Shadowserver estimates over 71,000 potentially exposed devices; WatchGuard and the US NVD have published advisories and guidance, and a temporary workaround plus narrower BOVPN access policies are recommended if immediate upgrades are not possible.

Reducing Abuse of Microsoft 365 Exchange Online Direct Send

🛡️ Cisco Talos warns that Microsoft 365 Exchange Online’s Direct Send feature, intended for legacy devices and line‑of‑business appliances, is being abused to bypass standard authentication and content inspection. Attackers are leveraging these unauthenticated SMTP flows in phishing and BEC campaigns by impersonating internal users and embedding obfuscated lures such as QR codes and empty‑body messages. Talos recommends a phased approach — inventorying dependencies, migrating devices to authenticated SMTP or partner connectors, and validating mailflows before enabling RejectDirectSend — to reduce risk without disrupting critical workflows.

Microsoft fixes USB input bug that broke WinRE access

🔧 Microsoft released an out-of-band cumulative update, KB5070773, to restore USB mouse and keyboard functionality in the Windows Recovery Environment (WinRE) after October 2025 security updates disabled USB input in recovery on affected client and server builds. The patch began rolling out on October 20, 2025 and Microsoft recommends installing the latest updates. If a device cannot boot to install the patch, workarounds include using a touchscreen’s touch keyboard, connecting PS/2 peripherals, or booting from a previously created USB recovery drive.

Microsoft October update disables USB input in WinRE

⚠ After installing the October 14, 2025 security update KB5066835, USB-wired mice and keyboards do not function in the Windows Recovery Environment (WinRE), Microsoft confirmed. The devices continue to operate normally inside the Windows OS, but WinRE navigation is blocked, affecting Windows 11 (24H2, 25H2) and Windows Server 2025. Microsoft is working on a fix expected in the coming days; meanwhile users can rely on Bluetooth peripherals or legacy PS/2 input devices as a workaround.

75,000+ WatchGuard Firebox Devices Vulnerable to RCE

⚠️ Nearly 76,000 WatchGuard Firebox network appliances exposed on the public internet remain vulnerable to CVE-2025-9242, a critical (9.3) out-of-bounds write in the iked process that handles IKEv2 VPN negotiations. The flaw can be exploited without authentication by sending specially crafted IKEv2 packets to devices configured with dynamic gateway peers, potentially enabling remote code execution. WatchGuard has published patched releases and urges administrators to upgrade to supported versions immediately; 11.x is end-of-support and will not receive fixes.

CISA: Windows SMB Privilege Escalation Actively Exploited

🔒 CISA warns that threat actors are actively exploiting a high-severity Windows SMB vulnerability tracked as CVE-2025-33073, which can allow elevation to SYSTEM on unpatched machines. Microsoft patched the flaw in its June 2025 Patch Tuesday release, citing an improper access control weakness that can be abused over a network. The bug affects Windows Server, Windows 10 and Windows 11 up to 24H2. Federal agencies must remediate within three weeks under BOD 22-01, and all organizations are urged to apply the update immediately.