Forwarded from Taiwan Computer Emergency Response Team/Coordination Center Security Alert TWCERTCC-200-202512-00000011
[CVE-2025-14611] Gladinet CentreStack and Triofox Hard-Coded Cryptographic Key Vulnerability (CVSS v3.1: 9.8)
[Known to be exploited by ransomware: Unknown] Gladinet CentreStack and Triofox contain a hard-coded cryptographic key vulnerability arising from the implementation of their AES encryption scheme.
This weakness lowers the security of publicly exposed endpoints: a specially crafted request sent without authentication may result in arbitrary local file inclusion.
[CVE-2025-43529] Apple Multiple Products Use-After-Free WebKit Vulnerability (CVSS v3.1: 8.8)
[Known to be exploited by ransomware: Unknown] A use-after-free vulnerability exists in WebKit within Apple iOS, iPadOS, macOS, and other Apple products. Processing maliciously crafted web content may lead to memory corruption.
This vulnerability may affect all HTML parsers built on WebKit, including but not limited to Apple Safari and non-Apple products that rely on WebKit for HTML processing.
[CVE-2025-59718] Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability (CVSS v3.1: 9.8)
[Known to be exploited by ransomware: Unknown] Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability.
This vulnerability may allow an unauthenticated attacker to bypass FortiCloud SSO login authentication via a specially crafted SAML message. Please note that CVE-2025-59719 involves the same issue and was mentioned in the same vendor advisory. Be sure to apply all patches listed in that advisory.
[CVE-2025-59374] ASUS Live Update Embedded Malicious Code Vulnerability (CVSS v3.1: 9.8)
[Known to be exploited by ransomware: Unknown] ASUS Live Update contains an embedded malicious code vulnerability: after a supply chain compromise, the client was modified and released without authorization.
The modified version may cause devices that meet specific targeting conditions to behave unexpectedly. Affected products may have reached End of Life (EoL) and/or End of Service (EoS); users are advised to stop using the product immediately.
[CVE-2025-40602] SonicWall SMA1000 Missing Authorization Vulnerability (CVSS v3.1: 6.6)
[Known to be exploited by ransomware: Unknown] SonicWall SMA1000 contains a missing authorization vulnerability, which may lead to privilege escalation in the affected device's Appliance Management Console (AMC).
[CVE-2025-20393] Cisco Multiple Products Improper Input Validation Vulnerability (CVSS v3.1: 10.0)
[Known to be exploited by ransomware: Unknown] An improper input validation vulnerability exists in Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances running AsyncOS software. This vulnerability may allow a threat actor to execute arbitrary commands with root privileges on the underlying operating system of the affected device.
[CVE-2025-14733] WatchGuard Firebox Out of Bounds Write Vulnerability (CVSS v3.1: 9.8)
[Known to be exploited by ransomware: Unknown] The iked process of WatchGuard Fireware OS contains an out-of-bounds write vulnerability.
This vulnerability may allow an unauthenticated remote attacker to execute arbitrary code. It affects Mobile VPN with IKEv2 and Branch Office VPN with IKEv2 when configured with a dynamic gateway peer.