Page not found - Cybersecurity News Everyday

Hackers are exploiting CVE-2025-32975 (CVSS 10.0) to bypass authentication and take control of unpatched Quest KACE SMA systems. Activity includes credential theft, account creation, and RDP access. #QuestKACE #AuthenticationBypass #USA

HPE Patches Critical Aruba AOS-CX Vulnerabilities Including Authentication Bypass Flaw  Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities in its Aruba AOS-CX network operating system, including a critical flaw that could allow attackers to bypass authentication and gain administrative control.  AOS-CX comes from Aruba Networks, a part of HPE, built specifically for cloud-based networking needs. These systems run on CX-series switches found in big company campuses and data centers. Because so many rely on them, any flaws present serious concerns when discovered.  What stands out is CVE-2026-23813 - a severe flaw tied to how AOS-CX switches handle login security via their web portal. HPE confirms that hackers could abuse this weakness from afar, needing no prior access nor advanced skills. Control over compromised devices might follow, including forced changes to admin credentials. Though simple to trigger, the outcome carries heavy risk. Such exposure emerges solely through network interaction. Little effort may yield full system override.  Security hinges on timely updates, yet patch details remain sparse. Remote manipulation becomes feasible once entry points open. Without safeguards, unintended access escalates quickly. This condition persists until corrective measures apply. Come mid-advisory, the firm stated they’d seen no signs of real-world attacks nor any public tools built to exploit these flaws. Still, given how serious the weakness happens to be, rolling out fixes quickly becomes a top priority for most teams.  When updates cannot happen right away, HPE suggests ways to lower exposure. One path involves isolating management ports inside private network zones. Access rules should be tightly defined, minimizing who can connect. Unneeded web-based entry points over HTTP or HTTPS ought to be turned off completely. Trust boundaries may also tighten by using ACLs that allow only known devices to interact.  Watching system logs closely adds another layer - unexpected login efforts often show up there first. Security weaknesses fit into a wider trend of issues HPE has tackled lately. Back in July 2025, hidden login details emerged in Aruba Instant On wireless units, opening doors for unauthorized access. Before that, fixes rolled out for several problems in the StoreOnce data protection system - some let intruders skip verification steps entirely. Remote control exploits also surfaced, giving hackers potential command over affected machines.  More recently, the Cybersecurity and Infrastructure Security Agency (CISA) flagged a high-severity vulnerability in HPE OneView as actively exploited in the wild, underscoring the growing focus of threat actors on enterprise infrastructure tools. With more than 55,000 enterprise clients worldwide, HPE points out that timely updates and stronger network defenses help reduce risks. Many of these clients appear on the Fortune 500 list, highlighting the scale of exposure when security lapses occur. Because threats evolve quickly, waiting is rarely an option.  Instead, consistent maintenance becomes a quiet but steady shield. Even small delays can widen vulnerabilities across complex systems. When flaws appear in network management tools, specialists warn these often pose high risk - attackers might gain extensive access across company systems. Without immediate fixes, even unused weaknesses invite trouble down the line.  Updates applied quickly, combined with multiple protective layers, help reduce potential harm before incidents occur. When companies depend heavily on unified network systems, events such as these reveal how crucial it is to maintain constant oversight while reacting quickly when new risks appear.

HPE Patches Critical Aruba AOS-CX Vulnerabilities Including Authentication Bypass Flaw #AuthenticationBypass #authenticationbypassflaw

Cisco Secure Firewall Management Center Authentication Bypass Vulnerability - Asterisk

astricks.com/cisco-secure...
Cisco Secure Firewall Management Center Authentication Bypass Vulnerability
#CyberSecurity
#InfoSec
#NetworkSecurity
#CyberThreats
#VulnerabilityManagement
#SecurityAdvisory
#AuthenticationBypass
#ZeroDay
#ThreatIntelligence
#SecurityOperations
#SOC

IBM Issues Critical Alert Over Authentication Bypass Flaw in API Connect Platform IBM has warned organizations using its API Connect platform about a severe security vulnerability that could allow unauthorized individuals to access applications remotely. The company has urged customers to apply security updates immediately to reduce the risk of exploitation. API Connect is an enterprise-level platform designed to help organizations create, manage, and secure application programming interfaces, commonly referred to as APIs. APIs act as digital connectors that allow different software systems to communicate securely. Because these interfaces often expose internal services to external applications, business partners, and developers, they play a crucial role in modern digital operations. IBM API Connect can be deployed in multiple environments, including on-premises infrastructure, cloud-based systems, and hybrid setups. Due to this flexibility, it is widely adopted across industries such as banking, healthcare, retail, and telecommunications, where secure data exchange is essential. The vulnerability, identified as CVE-2025-13915, has been assigned a severity score of 9.8 out of 10, placing it in the highest risk category. According to IBM, the flaw affects API Connect versions 10.0.11.0 and 10.0.8.0 through 10.0.8.5. At the core of the issue is a weakness in the platform’s authentication mechanism. Under certain conditions, an attacker could bypass login checks entirely and gain access to exposed applications without providing valid credentials. The attack does not require advanced technical skill or interaction from a legitimate user, which increases the potential risk. If successfully exploited, this vulnerability could allow threat actors to reach applications that rely on API Connect as a gateway, potentially exposing sensitive systems and data. Given the role of APIs in connecting backend services, such access could have serious operational and security consequences. IBM has released updated software versions that address the flaw and has strongly recommended that administrators upgrade affected systems as soon as possible. For organizations that are unable to deploy the updates immediately, IBM has outlined temporary mitigation steps. One key recommendation is disabling the self-service sign-up feature on the Developer Portal, which can reduce exposure until a full fix is applied. The company has also provided detailed guidance for installing the updates across different environments, including VMware, OpenShift Container Platform, and Kubernetes-based deployments. While IBM has not confirmed active exploitation of this specific vulnerability, U.S. cybersecurity authorities have previously flagged multiple IBM-related security flaws as being abused in real-world attacks. In recent years, several IBM vulnerabilities were added to the U.S. Cybersecurity and Infrastructure Security Agency’s catalog of known exploited vulnerabilities, requiring federal agencies to secure affected systems under Binding Operational Directive 22-01. Some of those previously listed flaws were later linked to ransomware activity, underscoring the importance of addressing high-severity vulnerabilities promptly. Security experts advise organizations using API Connect to verify their software versions, apply updates without delay, and monitor systems closely for unusual behavior. As APIs continue to form the backbone of digital services, maintaining strong authentication controls remains critical to reducing cyber risk.

IBM Issues Critical Alert Over Authentication Bypass Flaw in API Connect Platform #APIconnect #AuthenticationBypass #IBMSecurity

IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The vulnerability, tracked as CVE-2025-13915, is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. It has been described as an authentication bypass flaw. "IBM API Connect could allow a remote attacker to bypass authentication mechanisms and gain

iT4iNT SERVER IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass VDS VPS Cloud #IBMSecurity #APIConnect #CyberSecurity #AuthenticationBypass #Vulnerability

Bug critico da score 10 per Azure Bastion. Quando RDP e SSH sul cloud sono in scacco matto

📌 Link all'articolo : www.redhotcyber.com/post/bug...

#redhotcyber #news #azurebastion #authenticationbypass #cybersecurity #hacking #remotacodeexecution #privilegeescalation

Lab: Authentication bypass via OAuth implicit flow | Web Security Academy This lab uses an OAuth service to allow users to log in with their social media account. Flawed validation by the client application makes it possible for ...

I just completed the Web Security Academy lab:

Authentication bypass via OAuth implicit flow

#AuthenticationBypass #WebAppSec #Cybersecurity

portswigger.net/web-security...

High-severity vulnerability in Passwordstate credential manager. Patch now. https://arstechni.ca #authenticationbypass #passwordmanagers #vulnerabilities #Security #patches #Biz&IT

Trend Micro Patches Critical Remote Code Execution and Authentication Bypass Flaws in Apex Central and PolicyServer Trend Micro has rolled out essential security updates to address a series of high-impact vulnerabilities discovered in two of its enterprise security solutions: Apex Central and the Endpoint Encryption (TMEE) PolicyServer. These newly disclosed issues, which include critical remote code execution (RCE) and authentication bypass bugs, could allow attackers to compromise systems without needing login credentials.  Although there have been no confirmed cases of exploitation so far, Trend Micro strongly recommends immediate patching to mitigate any potential threats. The vulnerabilities are especially concerning for organizations operating in sensitive sectors, where data privacy and regulatory compliance are paramount.  The Endpoint Encryption PolicyServer is a key management solution used to centrally control full disk and media encryption across Windows-based systems. Following the recent update, four critical issues in this product were fixed. Among them is CVE-2025-49212, a remote code execution bug that stems from insecure deserialization within PolicyValue Table Serialization Binder class. This flaw enables threat actors to run code with SYSTEM-level privileges without any authentication.  Another serious issue, CVE-2025-49213, was found in the PolicyServerWindowsService class, also involving unsafe deserialization. This vulnerability similarly allows arbitrary code execution without requiring user credentials. An additional bug, CVE-2025-49216, enables attackers to bypass authentication entirely due to faulty logic in the DbAppDomain service. Lastly, CVE-2025-49217 presents another RCE risk, though slightly more complex to exploit, allowing code execution via the ValidateToken method.  While Trend Micro categorized all four as critical, third-party advisory firm ZDI classified CVE-2025-49217 as high-severity. Besides these, the latest PolicyServer release also fixes multiple other high-severity vulnerabilities, such as SQL injection and privilege escalation flaws. The update applies to version 6.0.0.4013 (Patch 1 Update 6), and all earlier versions are affected. Notably, there are no workarounds available, making the patch essential for risk mitigation.  Trend Micro also addressed separate issues in Apex Central, the company’s centralized console for managing its security tools. Two pre-authentication RCE vulnerabilities—CVE-2025-49219 and CVE-2025-49220—were identified and patched. Both flaws are caused by insecure deserialization and could allow attackers to execute code remotely as NETWORK SERVICE without authentication.  These Apex Central vulnerabilities were resolved in Patch B7007 for the 2019 on-premise version. Customers using Apex Central as a Service will receive fixes automatically on the backend.  Given the severity of these cybersecurity vulnerabilities, organizations using these Trend Micro products should prioritize updating their systems to maintain security and operational integrity.

Trend Micro Patches Critical Remote Code Execution and Authentication Bypass Flaws in Apex Central and PolicyServer #AuthenticationBypass #CVE #CVEexploits

FortiOS Authentication Bypass Vulnerability Lets Attackers Take Full Control of Device Fortinet has disclosed a significant security vulnerability affecting multiple Fortinet products, allowing attackers to bypass authentication and gain administrative access to affected systems.

FortiOS Authentication Bypass Vulnerability Lets Attackers Take Full Control of Device
cybersecuritynews.com/fortios-auth...

#Infosec #Security #Cybersecurity #CeptBiro #FortiOS #AuthenticationBypass #Vulnerability #FullControlOfDevice

Understanding the CrushFTP Authentication Bypass Vulnerability: A Critical Cybersecurity Threat | The DefendOps Diaries Explore the critical CrushFTP authentication bypass vulnerability and its global impact on cybersecurity.

Understanding the CrushFTP Authentication Bypass Vulnerability: A Critical Cybersecurity Threat

#crushftp
#authenticationbypass
#cybersecuritythreat
#cve20252825
#infosec

Understanding the VMware Tools Authentication Bypass Vulnerability | The DefendOps Diaries Explore the VMware Tools authentication bypass vulnerability and its impact on virtual environments.

Understanding the VMware Tools Authentication Bypass Vulnerability

#vmware
#cybersecurity
#vulnerability
#infosec
#authenticationbypass

GitLab's Critical Vulnerability Fixes: What You Need to Know | The DefendOps Diaries GitLab addresses critical vulnerabilities in SAML SSO, urging immediate updates to prevent unauthorized access.

GitLab's Critical Vulnerability Fixes: What You Need to Know

#gitlab
#cybersecurity
#vulnerability
#saml
#authenticationbypass

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches attacks to guess legitimate credentials read more about Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches reconbee.com/moxa-issues-...

#Moxaissues #authenticationbypass #vulnerability #PTswitches #CyberAttack #CyberSecurity #CyberSecurityAwareness

Critical Security Flaw Exposes Perforce Users to Administrative Takeover - DevOps.com A critical vulnerability has been discovered in Perforce software, allowing attackers to gain full administrative access to systems worldwide

devops.com/critical-sec... #CyberSecurity #PerforceVulnerability #AuthenticationBypass #InfoSec #SoftwareSecurity #DataProtection #TechSecurity #CyberThreat #ITSecurity

Exploring the Authentication Bypass in Palo Alto Networks PAN-OS - CVE-2025-0108 | The DefendOps Diaries Explore the critical CVE-2025-0108 vulnerability in PAN-OS and learn how to protect your systems from authentication bypass threats.

Exploring the Authentication Bypass in Palo Alto Networks PAN-OS - CVE-2025-0108

thedefendopsdiaries.com/exploring-th...

#cve20250108
#paloaltonetworks
#panos
#cybersecurity
#authenticationbypass
#vulnerabilitymanagement
#infosecurity
#networksecurity
#threatintelligence
#patchmanagement

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software the company stated in an advisory read more about Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software reconbee.com/palo-alto-ne...

#paloaltonetworks #authenticationbypass #PANOS #software #paloalto

SonicWall Patches Authentication Bypass Vulnerabilities in Firewalls SonicWall has released patches for multiple vulnerabilities in SonicOS, including high-severity authentication bypass flaws.

SonicWall Patches Authentication Bypass Vulnerabilities in Firewalls
www.securityweek.com/sonicwall-pa...

#Infosec #Security #Cybersecurity #CeptBiro #SonicWall #AuthenticationBypass #Vulnerabilities #Firewalls

GitLab Urges Organizations To Patch For Authentication Bypass Vulnerability GitLab, the popular DevOps platform, has issued a critical security advisory urging organizations to immediately patch their self-managed

GitLab Urges Organizations To Patch For Authentication Bypass Vulnerability
cybersecuritynews.com/gitlab-authe...
#Infosec #Security #Cybersecurity #CeptBiro #GitLab #Patch #AuthenticationBypass #Vulnerability

GitLab Urges Organization to Patch for Bypass Vulnerability GitLab has issued an urgent call to action for organizations using its platform to patch a critical authentication bypass vulnerability.

GitLab Urges Organization to Patch for Authentication Bypass Vulnerability
gbhackers.com/gitlab-urges...
#Infosec #Security #Cybersecurity #CeptBiro #GitLab #AuthenticationBypass #Vulnerability