CyCognito Blog
Posts tagged ‘RCE’
Research
Emerging Threat: SAP NetWeaver Visual Composer CVE-2025-31324
By Emma Zaballos
Product Marketing Manager
April 28, 2025
On April 24, 2025, SAP disclosed CVE-2025-31324, a critical vulnerability (CVSS 10.0) in the Metadata Uploader of SAP NetWeaver Visual Composer 7.50, which is actively exploited. SAP released a patch, with details limited to customers, alongside other mitigation options. CyCognito has deployed detection tests and provides customers with asset lists to assess and validate remediation efforts.
Research
Emerging Threat: Ivanti Connect Secure CVE-2025-0282 and CVE-2025-0283
By Emma Zaballos
Product Marketing Manager
January 13, 2025
Ivanti disclosed two severe vulnerabilities affecting Ivanti Connect Secure VPN devices. While both vulnerabilities involve similar buffer overflow mechanisms, only one allows unauthenticated remote code execution (RCE) and has been exploited in the wild. CyCognito customers can check their assets to identify if any are potentially vulnerable to these issues using filters available in the CyCognito dashboard.
Research
Emerging Threat: Apache Struts CVE-2024-53677
By Emma Zaballos
Product Marketing Manager
December 19, 2024
CVE-2024-53677 is a critical (9.5) remote code execution(RCE) vulnerability affecting popular open-source framework Apache Struts. Affected organizations are encouraged to upgrade to Struts 6.4.0 or greater and/or migrate to the new file upload mechanism. This vulnerability is actively being exploited and poses significant danger to enterprise organizations in both the public and private sectors.
Research
Emerging Security Issue: Fortinet FortiOS CVE-2024-23113
By Emma Zaballos
Product Marketing Manager
October 16, 2024
CVE-2024-23113 is a critical (9.8) Fortinet remote code execution (RCE) vulnerability affecting a variety of Fortinet products and versions. CyCognito is investigating active tests for CVE-2024-9463. Users can check if their assets are potentially vulnerable using provided filters in the CyCognito platform.
Research
Emerging Security Issue: Multiple CUPS Vulnerabilities
By Emma Zaballos
Product Marketing Manager
October 16, 2024
On September 26, 2024, four critical RCE vulnerabilities were disclosed in components of the open-source printing system CUPS. CyCognito is investigating active detection methods for these vulnerabilities. Users can check if any assets are potentially vulnerable using provided filters in the CyCognito platform.
Topics
Search the Blog
Featured Posts
Six Signs that Exposure Management is Right for Your Organization
By Jason Pappalexis
October 14, 2024
Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Emma Zaballos
September 23, 2024
Top Tags
CyCognito Research Report
State of External Exposure Management, Summer 2024 Edition
Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
O'Reilly Report
Moving from Vulnerability Management to Exposure Management
Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.
Request a Free Scan
See Exactly What Attackers See
Get a Free Scan of Your Attack Surface
Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.