TT-CSIRT – 443.30.07.25 – Vulnerabilities found in some Dahua products
Please be advised that Dahua has released a security update to address two critical buffer overflow vulnerabilities CVE-2025-31700 and CVE-2025-31701 reported by the Bitdefender IoT Research Team. Impact Affected Products …
Read MoreTT-CSIRT – 442.20.07.25 – SharePoint Vulnerability
Microsoft has advised of active attacks targeting on-premises SharePoint Server customers, SharePoint Online M365 is not impacted. The attacks are exploiting a variant of CVE-2025-49706 and being assigned CVE-2025-53770 with…
Read MoreTT-CSIRT – 441.10.07.25 – Fortinet Security Advisories – SQL injection in GUI
Please be advised of the critical vulnerability CVE-2025-25257, which affects FortiWeb. This issue stems from improper handling of special characters in SQL commands, leading to a SQL Injection vulnerability (CWE-89).…
Read MoreTT-CSIRT – 440.09.04.25 – Fortinet Security Advisories
Please be advised of the following critical alert regarding multiple vulnerabilities affecting various Fortinet products, including FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice, and FortiWeb. These vulnerabilities could allow an unauthenticated attacker…
Read MoreTT-CSIRT – 439.09.04.25. Security Update – FortiSwitch Vulnerability
Please be advised that Fortinet has released a security update to address a critical vulnerability (CVE-2024-48887) found in the FortiSwitch GUI. This vulnerability could enable a remote unauthenticated attacker to…
Read MoreWhatsApp Phishing Campaign Alert
TTCSIRT has been made aware of an ongoing WhatsApp phishing campaign targeting users. Attackers are impersonating known contacts to trick victims into compromising their accounts. Methods of Attack: Deceptive Message:…
Read More