Forwarded from Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) Security Alert: TWCERTCC-200-202604-00000027
【CVE-2026-20122】Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability (CVSS v3.1: 5.4)
【Ransomware Exploitation: Unknown】 Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability. An attacker can exploit this by uploading malicious files to the local file system. Successful exploitation allows an attacker to overwrite arbitrary files on the affected system and obtain vmanage user privileges.
【CVE-2026-20133】Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVSS v3.1: 6.5)
【Ransomware Exploitation: Unknown】 Cisco Catalyst SD-WAN Manager contains a vulnerability where sensitive information is exposed to unauthorized actors, which may allow a remote attacker to view sensitive information on the affected system.
【CVE-2025-2749】Kentico Xperience Path Traversal Vulnerability (CVSS v3.1: 7.2)
【Ransomware Exploitation: Unknown】 Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to a relative path location.
【CVE-2023-27351】PaperCut NG/MF Improper Authentication Vulnerability (CVSS v3.1: 8.2)
【Ransomware Exploitation: Known】 PaperCut NG/MF contains an improper authentication vulnerability that could allow a remote attacker to bypass authentication for the affected installation via the SecurityRequestFilter class.
【CVE-2025-48700】Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability (CVSS v3.1: 6.1)
【Ransomware Exploitation: Unknown】 Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow an attacker to execute arbitrary JavaScript within a user's session, leading to unauthorized access to sensitive information.
【CVE-2026-20128】Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability (CVSS v3.1: 7.5)
【Ransomware Exploitation: Unknown】 Cisco Catalyst SD-WAN Manager contains a vulnerability where passwords are stored in a recoverable format, allowing an authenticated local attacker with low-level user privileges to access the DCA user's credentials file in the file system, thereby obtaining DCA user privileges.
【CVE-2025-32975】Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability (CVSS v3.1: 10.0)
【Ransomware Exploitation: Unknown】 Quest KACE Systems Management Appliance (SMA) contains an improper authentication vulnerability that could allow an attacker to impersonate a legitimate user without valid credentials.