Alerts & Advisories

TT-CSIRT – 443.30.07.25 – Vulnerabilities found in some Dahua products

Please be advised that Dahua has released a security update to address two critical buffer overflow vulnerabilities CVE-2025-31700 and CVE-2025-31701 reported by the Bitdefender IoT Research Team. Impact Affected Products        …

Read More
TT-CSIRT – 442.20.07.25 – SharePoint Vulnerability

Microsoft has advised of active attacks targeting on-premises SharePoint Server customers, SharePoint Online M365 is not impacted. The attacks are exploiting a variant of CVE-2025-49706 and being assigned CVE-2025-53770 with…

Read More
TT-CSIRT – 441.10.07.25 – Fortinet Security Advisories – SQL injection in GUI

Please be advised of the critical vulnerability CVE-2025-25257, which affects FortiWeb. This issue stems from improper handling of special characters in SQL commands, leading to a SQL Injection vulnerability (CWE-89).…

Read More
TT-CSIRT – 440.09.04.25 – Fortinet Security Advisories

Please be advised of the following critical alert regarding multiple vulnerabilities affecting various Fortinet products, including FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice, and FortiWeb. These vulnerabilities could allow an unauthenticated attacker…

Read More
TT-CSIRT – 439.09.04.25. Security Update – FortiSwitch Vulnerability

Please be advised that Fortinet has released a security update to address a critical vulnerability (CVE-2024-48887) found in the FortiSwitch GUI. This vulnerability could enable a remote unauthenticated attacker to…

Read More
WhatsApp Phishing Campaign Alert

TTCSIRT has been made aware of an ongoing WhatsApp phishing campaign targeting users. Attackers are impersonating known contacts to trick victims into compromising their accounts. Methods of Attack: Deceptive Message:…

Read More