Critical flaw in Fortinet FortiSIEM targeted in exploitation threat Researchers originally disclosed the vulnerability in August 2025, however, a proof of concept and an advisory were just released.

Critical flaw in Fortinet FortiSIEM targeted in exploitation threat
www.cybersecuritydive.com/news/critica...

#Infosec #Security #Cybersecurity #CeptBiro #CriticalFlaw #Fortinet #FortiSIEM

Critical MongoDB Flaw Allows Unauthenticated Memory Data Leaks   A critical security flaw in MongoDB could allow unauthenticated attackers to extract sensitive data directly from server memory, prompting urgent patching warnings from security researchers and the database vendor.  The vulnerability, tracked as CVE-2025-14847, affects MongoDB’s implementation of zlib compression and exposes uninitialized heap memory to remote attackers without requiring login credentials.  Researchers say the issue significantly lowers the barrier for exploitation and could lead to large scale data leaks if left unaddressed. According to security analyses published this week, the flaw exists in MongoDB’s network message decompression logic. By sending specially crafted network packets, an attacker can trigger MongoDB servers to return fragments of memory that were never intended to be shared.  This memory may contain sensitive information such as user data, credentials, cryptographic material or internal application secrets. The vulnerability impacts a broad range of MongoDB versions across several major releases.  Affected versions include MongoDB 8.2.0 through 8.2.2, 8.0.0 through 8.0.16, 7.0.0 through 7.0.27, 6.0.0 through 6.0.26, 5.0.0 through 5.0.31 and 4.4.0 through 4.4.29. Older branches including versions 4.2, 4.0 and 3.6 are also affected and do not have backported fixes.  MongoDB has released patched versions to address the issue, including 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32 and 4.4.30. Security teams are being urged to upgrade immediately, particularly for servers exposed to the internet or reachable through internal network movement.  For organizations unable to patch right away, MongoDB has recommended temporary mitigations. These include disabling zlib compression in the database configuration or switching to alternative compression algorithms such as Snappy or Zstandard.  Administrators are also advised to close unused ports and restrict network access to MongoDB instances wherever possible. Technical reviews of the fix show that the vulnerability stemmed from incorrect handling of buffer sizes during decompression.  The original code returned the size of allocated memory rather than the actual length of decompressed data, leading to unintended memory disclosure.  The patch corrects this behavior by ensuring only valid data lengths are returned. Security researchers warn that while exploiting the flaw to extract large volumes of meaningful data may require repeated requests over time, the risk increases the longer a vulnerable server remains exposed. Any MongoDB deployment handling sensitive or regulated data is considered at elevated risk.

Critical MongoDB Flaw Allows Unauthenticated Memory Data Leaks #CriticalFlaw #Hackers #MongoDBExposure

Google's latest security patch finally fixes a months-old bug, and a 'critical' security flaw Google's latest Pixel software update fixes a few high-level security flawsIt's rolling out now for eligible Pixel phones and tabletsThe update also fixes a glitch with the 'Back Button' If you have a...

Google's latest security patch finally fixes a months-old bug, and a 'critical' security flaw #Technology #Cybersecurity #GoogleSecurityPatch #CriticalFlaw

Researchers Advise Caution as Veeam Releases Patch to Fix Critical Vulnerability  Following Veeam Backup & Replication's Tuesday patch release to patch a critical remote code execution vulnerability, researchers are advising customers to ensure their systems are completely upgraded to the latest version.  An authorised domain user can execute code on a backup server thanks to the vulnerability, which is tagged as CVE-2025-23121. It was previously revealed by watchTowr and Code White GmbH researchers that a fix for an earlier vulnerability, identified as CVE-2025-23120, could be circumvented. As a result of the disclosure, a new patch was prepared.  Benjamin Harris, CEO of watchTowr, claims that Veeam is essentially updating a blacklist of "dangerous deserialisation gadgets" once they have been identified. Harris said that throughout the deployment of multiple patches for the Backup & Replication product, researchers have observed this occur repeatedly. "This blacklisting approach will never be sufficient, as we advocated in March," Harris wrote in an email to Cybersecurity Dive, further stating that his team "demonstrated [this] once again in March when we reported further gadgets to Veeam that they have released patches for [on Tuesday] to address.”  Veeam stated that the patch fixes the issue, and automatic updates have been enabled for all backup versions. “When a vulnerability is identified and disclosed, attackers will still try to exploit and reverse-engineer the patches to use the vulnerability on an unpatched version of Veeam software in their exploitation attempts,” a Veeam spokesperson told Cybersecurity Dive via email. “This underlines the importance of ensuring customers are using the latest versions of all software and patches are installed in a timely manner.” In the case of a ransomware attack or other malicious infiltration, Veeam Backup & Replication is a solution that assists in backing up, replicating, and restoring enterprise data. Domain-joined backup servers, which Veeam has previously recommended against deploying, are at risk of being abused. However, it seems that the risky method is frequently employed for efficiency. Harris noted that Veeam employs a function to handle data that is known to be intrinsically insecure, and that rather than eliminating this function, they will try to maintain a list of bad "gadgets" that should not be processed within this function.  Veeam has around 550,000 customers, and ransomware gangs often exploit the product's flaws. Rapid7 researchers revealed on Tuesday that more than 20% of the firm's incident response cases in 2024 involved Veeam being accessed or abused.

Researchers Advise Caution as Veeam Releases Patch to Fix Critical Vulnerability #CriticalFlaw #SecurityPatch #UserSecurity

Apache Parquet exploit tool detect servers vulnerable to critical flaw what was classified as a remote code execution read more about Apache Parquet exploit tool detect servers vulnerable to critical flaw

Apache Parquet exploit tool detect servers vulnerable to critical flaw reconbee.com/apache-parqu...

#apacheparquet #vulnerable #criticalflaw #vulnerability #apache #cyberattack

Unpatched critical flaws impact Fancy Product Designer WordPress plugin to the following two serious vulnerabilities read more about Unpatched critical flaws impact Fancy Product Designer WordPress plugin

Unpatched critical flaws impact Fancy Product Designer WordPress plugin reconbee.com/unpatched-cr...

#unpatched #criticalflaw #fancyproductdesigner #woocommerce #wordpress #wordpresswebsite #wordpressplugin #cyberattacks

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List commands that are executed as site users read more about CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List reconbee.com/cisa-adds-cr...

#CISA #criticalflaw #BeyondTrust #software #vulnerability #vulnerabilities #CyberSecurity #CyberSecurityAwareness

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access High-severity vulnerability in Rockwell Automation ControlLogix devices could allow unauthorized CIP commands. Urgent updates available to patch secur

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access
thehackernews.com/2024/08/crit...
#Infosec #Security #Cybersecurity #CeptBiro #CriticalFlaw #RockwellAutomationDevices #UnauthorizedAccess

Critical Flaw with Popular API Portal Let Attackers Launch SSRF Attacks A significant vulnerability in the Perforce Akana Community Manager Developer Portal found, allowing attackers to conduct SSRF attacks.

Critical Flaw With Popular API Portal Let Attackers Launch SSRF Attacks
gbhackers.com/critical-fla...
#Infosec #Security #Cybersecurity #CeptBiro #CriticalFlaw #APIPortal #SSRFAttacks