Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Vulnerability in Ivanti secure access solutions
A critical security flaw in Ivanti, CVE-2025-0283, is affecting Ivanti Connect Secure, Policy Secure, and ZTA Gateways. This stack-based buffer overflow vulnerability allows a locally authenticated attacker to escalate their privileges. Continue reading this Cybersecurity Threat Advisory to mitigate your...
Cybersecurity Threat Advisory: Fortinet zero-day vulnerability
A critical zero-day vulnerability has been found affecting Fortinet FortiOS and FortiProxy devices. This vulnerability enables attackers to bypass authentication and gain privileges. Keep reading this Cybersecurity Threat Advisory for information to keep your environment safe. What is the threat?...
Cybersecurity Threat Advisory: Aviatrix Controller vulnerability
A critical security vulnerability in the Aviatrix Controller cloud networking platform has been discovered and is actively exploited by threat actors to deploy backdoors and cryptocurrency miners. Multiple cloud deployments have reported that they have been compromised following this disclosure....
Cybersecurity Threat Advisory: Active exploitation of Ivanti’s Connect Secure VPN
A critical Ivanti Connect Secure VPN vulnerability, identified as CVE-2025-0282, was disclosed. Threat actors are actively exploiting it in the wild, primarily targeting organizations relying on Ivanti’s Zero Trust Access (ZTA) solutions. Review this Cybersecurity Threat Advisory to see how...
Cybersecurity Threat Advisory: Critical vulnerabilities in SonicWall
SonicWall disclosed three critical vulnerabilities affecting the SonicOS firmware. These flaws include an authentication bypass affecting the SSL VPN and SSH management interfaces, which can enable attackers unauthorized access upon successful exploitation. Continue reading this Cybersecurity Threat Advisory for more...
Cybersecurity Threat Advisory: Microsoft Windows zero-click RCE vulnerability
A critical Microsoft Windows Lightweight Directory Access Protocol (LDAP) vulnerability has been discovered, identified as CVE-2024-49112. The flaw has a CVSS severity score of 9.8, representing a major threat to enterprise networks. Continue reading this Cybersecurity Threat Advisory to learn...
Cybersecurity Threat Advisory: PAN-OS critical vulnerability
A critical vulnerability, tracked as CVE-2024-3393 with a CVSS score of 8.7, has been identified in Palo Alto Networks’ PAN-OS software. This flaw allows unauthenticated attackers to send specially crafted packets that can reboot affected firewalls, leading to potential service...
Cybersecurity Threat Advisory: Critical Apache Struts 2 vulnerability
The Apache Software Foundation (ASF) has issued a security update to address a critical vulnerability in both end-of-life and current versions of Apache Struts 2. Under specific conditions, this vulnerability could lead to remote code execution (RCE). Review this Cybersecurity...
The top viewed Cybersecurity Threat Advisories in 2024
2024 was a standout year in cybersecurity. With over 130 Cybersecurity Threat Advisory issued, SmarterMSP.com reflects on the most viewed emerging threats by our audience. From targeted industry attacks to zero-click vulnerabilities and high CVSS flaws, here are the top...
Cybersecurity Threat Advisory: Three critical Sophos firewall vulnerabilities
Sophos has disclosed three critical vulnerabilities in its firewall product that could allow remote unauthenticated attackers to perform structured query language (SQL) injection, execute arbitrary code, and gain privileged secure shell (SSH) access to affected devices. Review the details of...
