CyCognito Blog
Posts tagged ‘Vulnerability’
Research
Emerging Threat: SAP NetWeaver Visual Composer CVE-2025-31324
By Emma Zaballos
Product Marketing Manager
April 28, 2025
On April 24, 2025, SAP disclosed CVE-2025-31324, a critical vulnerability (CVSS 10.0) in the Metadata Uploader of SAP NetWeaver Visual Composer 7.50, which is actively exploited. SAP released a patch, with details limited to customers, alongside other mitigation options. CyCognito has deployed detection tests and provides customers with asset lists to assess and validate remediation efforts.
Research
Emerging Threat: Ivanti CVE-2025-22457
By Emma Zaballos
Product Marketing Manager
April 7, 2025
CVE-2025-22457 is a critical buffer overflow vulnerability (CVSS 9.0) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, enabling unauthenticated remote code execution via a crafted X-Forwarded-For header. It has been actively exploited by espionage group UNC5221 and is listed in CISA’s KEV catalog. Patches are available for most affected products, but legacy Pulse Connect Secure devices require migration, and customers are advised to monitor for signs of compromise.
Research
Emerging Threat: Next.js CVE-2025-29927
By Emma Zaballos
Product Marketing Manager
March 27, 2025
CVE-2025-29927 is a critical authorization vulnerability (CVSS 9.1) in self-hosted Next.js applications using middleware, allowing attackers to bypass security checks with a crafted x-middleware-subrequest header. It affects versions 11.1.5 to 15.2.2, with patches available in newer releases. While there are no active exploits reported as of March 27, 2025, CyCognito has issued guidance to help organizations assess and mitigate exposure.
Research
Emerging Threat: PAN-OS CVE-2025-0108
By Emma Zaballos
Product Marketing Manager
February 18, 2025
On February 12, 2025, Palo Alto Networks announced CVE-2025-0108, a high severity (8.8) authentication bypass vulnerability affecting Palo Alto Networks PAN-OS management web interface. This issue has a public PoC and is being actively exploited. CyCognito published an emerging threat advisory on this vulnerability within the CyCognito platform.
Research
Emerging Threat: Fortinet CVE-2024-55591
By Emma Zaballos
Product Marketing Manager
January 16, 2025
On January 14, 2025, Fortinet disclosed a new critical (CVSS 9.8) authentication bypass vulnerability affecting FortiOS and FortiProxy. CVE-2024-55591 allows unauthenticated remote attackers to target the Node.js WebSocket module of the administrative interface and potentially gain super-admin privileges. CyCognito is helping customers identify assets vulnerable to CVE-2024-55591.
Research
Emerging Threat: Ivanti Connect Secure CVE-2025-0282 and CVE-2025-0283
By Emma Zaballos
Product Marketing Manager
January 13, 2025
Ivanti disclosed two severe vulnerabilities affecting Ivanti Connect Secure VPN devices. While both vulnerabilities involve similar buffer overflow mechanisms, only one allows unauthenticated remote code execution (RCE) and has been exploited in the wild. CyCognito customers can check their assets to identify if any are potentially vulnerable to these issues using filters available in the CyCognito dashboard.
Research
Emerging Threat: Windows LDAP CVE-2024-49113
By Emma Zaballos
Product Marketing Manager
January 8, 2025
CVE-2024-49113 is a high severity unauthenticated Denial of Service (DoS) vulnerability in Windows Lightweight Directory Access Protocol (LDAP). This vulnerability allows attackers to crash any unpatched Windows server with an internet-accessible DNS server by overwhelming a critical internal component of the operating system. Patching is recommended and vulnerable devices should be monitored for potential exploitation attempts.
Research
Emerging Threat: Palo Alto PAN-OS CVE-2024-3393
By Emma Zaballos
Product Marketing Manager
December 31, 2024
CVE-2024-3393 is a high severity Denial of Service (DoS) vulnerability affecting specific versions of Palo Alto Networks PAN-OS DNS Security feature. CyCognito has shared lists of potentially affected assets running PAN-OS with affected customers alongside a notification in-platform.
Research
Emerging Threat: Apache Struts CVE-2024-53677
By Emma Zaballos
Product Marketing Manager
December 19, 2024
CVE-2024-53677 is a critical (9.5) remote code execution(RCE) vulnerability affecting popular open-source framework Apache Struts. Affected organizations are encouraged to upgrade to Struts 6.4.0 or greater and/or migrate to the new file upload mechanism. This vulnerability is actively being exploited and poses significant danger to enterprise organizations in both the public and private sectors.
Research
Emerging Threat: Palo Alto PAN-OS CVE-2024-0012 & CVE-2024-9474
By Emma Zaballos
Product Marketing Manager
November 20, 2024
On November 18, 2024, Palo Alto Networks (PAN) disclosed two serious vulnerabilities in PAN-OS. Chained together, these vulnerabilities create the perfect conditions for pre-authenticated Remote Code Execution (RCE). CyCognito discovery and testing engines actively detect vulnerable assets and all customers have access to an in-platform emerging security issue announcement as of November 20th, 2024.
Topics
Search the Blog
Featured Posts
Six Signs that Exposure Management is Right for Your Organization
By Jason Pappalexis
October 14, 2024
Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Emma Zaballos
September 23, 2024
Top Tags
CyCognito Research Report
State of External Exposure Management, Summer 2024 Edition
Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
O'Reilly Report
Moving from Vulnerability Management to Exposure Management
Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.
Request a Free Scan
See Exactly What Attackers See
Get a Free Scan of Your Attack Surface
Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.