Author: DEFENDEDGE

Executive summary People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military infrastructure networks. While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) routers, they also leverage compromised Read more

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Sales Management System A vulnerability was determined in 1000 Projects Sales Management System 1.0. This vulnerability affects unknown code of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to sql injection. The attack can be initiated remotely. The exploit has been Read more

CISA released thirty-two Industrial Control Systems (ICS) advisories on August 14, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-226-01 Siemens SIMATIC RTLS Locating Manager ICSA-25-226-02 Siemens COMOS ICSA-25-226-03 Siemens Engineering Platforms ICSA-25-226-04 Siemens Simcenter Femap ICSA-25-226-05 Siemens Wibu CodeMeter Runtime ICSA-25-226-06 Siemens Opcenter Quality ICSA-25-226-07 Siemens Third-Party Components in SINEC OS ICSA-25-226-08 Siemens RUGGEDCOM CROSSBOW Read more

CISA, along with the National Security Agency, the Federal Bureau of Investigation, Environmental Protection Agency, and several international partners, released comprehensive guidance to help operational technology (OT) owners and operators across all critical infrastructure sectors create and maintain OT asset inventories and supplemental taxonomies.  An asset inventory is a regularly updated, structured list of an Read more

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Adobe–Adobe Experience Manager Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user Read more

Today, CISA issued Emergency Directive (ED) 25-02: Mitigate Microsoft Exchange Vulnerability in response to CVE-2025-53786, a vulnerability in Microsoft Exchange server hybrid deployments.   ED 25-02 directs all Federal Civilian Executive Branch (FCEB) agencies with Microsoft Exchange hybrid environments to implement required mitigations by 9:00 AM EDT on Monday, August 11, 2025.  This vulnerability presents Read more

Note: This Alert may be updated to reflect new guidance issued by CISA or other parties.  CISA is aware of the newly disclosed high-severity vulnerability, CVE-2025-53786, that allows a cyber threat actor with administrative access to an on-premise Microsoft Exchange server to escalate privileges by exploiting vulnerable hybrid-joined configurations. This vulnerability, if not addressed, could impact Read more

CISA published a Malware Analysis Report (MAR) with analysis and associated detection signatures on files related to Microsoft SharePoint vulnerabilities: CVE-2025-49704 [CWE-94: Code Injection], CVE-2025-49706 [CWE-287: Improper Authentication], CVE-2025-53770 [CWE-502: Deserialization of Untrusted Data], and CVE-2025-53771 [CWE-287: Improper Authentication] Cyber threat actors have chained CVE-2025-49704 and CVE-2025-49706 (in an exploit chain publicly known as “ToolShell”) Read more

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 0x676e67–vproxy vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into parse_ttl_extension where it is parsed as a TTL value. If an attacker supplies a TTL Read more