Overview CVE-2025-11156 is a security vulnerability identified in the Netskope agent (NS Client) on Windows systems. A local attacker with Administrator privileges could exploit this vulnerability to cause a Denial-of-Service (DoS) condition. Successful exploitation results in a system crash, commonly known as a Blue Screen of Death (BSOD). Technical Details The vulnerability arises from the improper loading of the Netskope driver as a generic kernel service. An authenticated user with Administrator privileges can trigger this flaw, leading to a system crash. The root cause lies in insufficient validation or handling within the driver when loaded in a specific context, allowing…

Overview CVE-2025-12143 is a MEDIUM severity vulnerability affecting ABB Terra AC wallbox devices. This vulnerability is classified as a stack-based buffer overflow and could potentially allow an attacker to execute arbitrary code or cause a denial-of-service (DoS) condition. It is crucial to apply the recommended mitigation steps to protect your ABB Terra AC wallbox. Technical Details The vulnerability, CVE-2025-12143, is a stack-based buffer overflow that exists within the ABB Terra AC wallbox firmware. Specifically, versions up to and including 1.8.33 are affected. A stack buffer overflow occurs when a program writes data beyond the allocated memory region on the stack.…

Overview CVE-2025-13771 is a medium-severity Arbitrary File Read vulnerability affecting WebITR, a product developed by Uniong. This flaw allows authenticated remote attackers to exploit Relative Path Traversal techniques to download sensitive system files, potentially leading to data breaches and system compromise. Technical Details The vulnerability stems from inadequate input validation within WebITR’s file handling mechanisms. Specifically, the application fails to properly sanitize user-supplied file paths when handling file download requests. An authenticated attacker can craft a malicious request containing a relative path traversal sequence (e.g., ../../../../etc/passwd) to access files outside of the intended directory. Because authentication is required, an attacker…

Overview A critical vulnerability, identified as CVE-2025-13770, has been discovered in WebITR, a software developed by Uniong. This vulnerability is a SQL Injection flaw that allows authenticated remote attackers to execute arbitrary SQL commands. Successful exploitation of this vulnerability could lead to the disclosure of sensitive database contents. Technical Details The SQL Injection vulnerability in WebITR is triggered by insufficient input sanitization when processing user-supplied data. An attacker with valid authentication credentials can craft malicious SQL queries and inject them into the application’s data processing routines. By exploiting this flaw, an attacker can bypass security measures and directly interact with…

Overview A critical SQL Injection vulnerability has been identified in Uniong’s WebITR software, tracked as CVE-2025-13769. This vulnerability allows authenticated remote attackers to inject arbitrary SQL commands. Successful exploitation could lead to unauthorized access to sensitive database information, including user credentials, confidential business data, and other critical assets. This poses a significant risk to organizations using the affected WebITR software. Technical Details CVE-2025-13769 is a SQL Injection vulnerability. Specifically, the vulnerability exists because WebITR does not properly sanitize user-supplied input before using it in SQL queries. An authenticated remote attacker can inject malicious SQL code into input fields, which the…

Overview CVE-2025-13768 is a high-severity authentication bypass vulnerability affecting WebITR, a product developed by Uniong. This vulnerability allows authenticated remote attackers to log into the system as any user by modifying a specific parameter. Exploitation requires prior knowledge of a valid user ID. Technical Details The vulnerability stems from insufficient validation of user identity during the authentication process. An attacker who has already obtained a valid user ID can manipulate a request parameter to impersonate that user and gain unauthorized access to the WebITR system. The specific parameter and method of manipulation are detailed in the TW-Cert advisories. CVSS Analysis…

Overview CVE-2025-66386 is a medium severity vulnerability affecting MISP (Malware Information Sharing Platform) versions prior to 2.5.27. This vulnerability allows a site administrator to perform path traversal when viewing pictures in the app/Model/EventReport.php file, potentially leading to unauthorized access to sensitive files on the server. Technical Details The vulnerability stems from insufficient sanitization of user-supplied input related to file paths when displaying event report pictures. A malicious or compromised site administrator could manipulate the file path to access files outside of the intended directory. This is a classic path traversal vulnerability (also known as directory traversal). Specifically, the view picture…

Overview CVE-2025-66385 is a critical privilege escalation vulnerability affecting Cerebrate versions prior to 1.30. This flaw allows authenticated, non-privileged users to elevate their privileges to higher roles, potentially including administrator, by exploiting the user-edit endpoint. This poses a significant risk to the confidentiality, integrity, and availability of Cerebrate instances. Technical Details The vulnerability resides in the UsersController::edit function within Cerebrate. An authenticated user can manipulate the role_id or organisation_id fields in the edit request. Due to insufficient validation or authorization checks, the system permits the modification of these fields, effectively granting the user a higher role or placing them in…

Overview A high-severity vulnerability, identified as CVE-2025-66384, has been discovered in MISP (Malware Information Sharing Platform) before version 2.5.24. This vulnerability resides in the app/Controller/EventsController.php file and involves insufficient validation of uploaded files, specifically related to the tmp_name parameter. This could allow an attacker to upload malicious files potentially leading to remote code execution or other security compromises. Technical Details The vulnerability stems from inadequate logic in validating the legitimacy of uploaded files within the EventsController.php file. Specifically, the checks performed on the tmp_name, which represents the temporary filename of the uploaded file on the server, are insufficient. An attacker…

Overview CVE-2025-66382 is a low-severity Denial-of-Service (DoS) vulnerability found in libexpat, specifically affecting versions up to 2.7.3. This vulnerability can be triggered by processing a specially crafted XML file, approximately 2 MiB in size, leading to significantly extended processing times, potentially rendering the system unresponsive. Technical Details The vulnerability arises from inefficient processing of certain XML structures within libexpat. A malicious actor can craft an XML file that exploits this inefficiency, causing the library to consume excessive CPU resources and prolong processing time. While the file size is relatively small (around 2 MiB), the crafted structure amplifies the processing burden,…