TT-CSIRT – 445.06.08.25 – Critical RCE Vulnerabilities in Trend Micro Apex One (On-Premise) Management Console
Please be advised that Trend Micro has identified and issued mitigations for two critical command injection vulnerabilities, CVE-2025-54948 and CVE-2025-54987, affecting the Apex One (On-Premise) Management Console. Both vulnerabilities may allow…
Read MoreTT-CSIRT – 444.05.08.25 – Increased Threat Activity Targeting SSLVPN on Gen 7 SonicWall Firewalls
Please be advised that SonicWall has detected a substantial rise in cyber incidents within the past 4 days concerning Gen 7 SonicWall Firewalls that have SSL VPN activated. An ongoing…
Read MoreTT-CSIRT – 443.30.07.25 – Vulnerabilities found in some Dahua products
Please be advised that Dahua has released a security update to address two critical buffer overflow vulnerabilities CVE-2025-31700 and CVE-2025-31701 reported by the Bitdefender IoT Research Team. Impact Affected Products …
Read MoreTT-CSIRT – 442.20.07.25 – SharePoint Vulnerability
Microsoft has advised of active attacks targeting on-premises SharePoint Server customers, SharePoint Online M365 is not impacted. The attacks are exploiting a variant of CVE-2025-49706 and being assigned CVE-2025-53770 with…
Read MoreTT-CSIRT – 441.10.07.25 – Fortinet Security Advisories – SQL injection in GUI
Please be advised of the critical vulnerability CVE-2025-25257, which affects FortiWeb. This issue stems from improper handling of special characters in SQL commands, leading to a SQL Injection vulnerability (CWE-89).…
Read MoreTT-CSIRT – 440.09.04.25 – Fortinet Security Advisories
Please be advised of the following critical alert regarding multiple vulnerabilities affecting various Fortinet products, including FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice, and FortiWeb. These vulnerabilities could allow an unauthenticated attacker…
Read More