InfoSecBulletin Cybersecurity for mankind
It is an out-of-bounds write vulnerability in FortiOS. This vulnerability enables unauthenticated attackers to execute remote code by using malicious requests.
184 Million Leaked Credentials Discovered in Open Database
By infosecbulletin
/ Friday , May 23 2025
Security researchers have discovered a database with 184 million account credentials, highlighting the need to update compromised passwords, strengthen weak...
Read More
Palo Alto Networks Warns of XSS Flaw: PoC Released
By infosecbulletin
/ Wednesday , May 21 2025
Palo Alto Networks warns a reflected cross-site scripting (XSS) vulnerability, CVE-2025-0133, in the GlobalProtect gateway and portal features of its...
Read More
Pwn2Own Berlin reveals 29 critical vulns in major tech firms
By infosecbulletin
/ Wednesday , May 21 2025
Pwn2Own Berlin 2025, a top cybersecurity contest, awarded $1,078,750 to researchers who discovered 29 zero-day vulnerabilities in various enterprise technologies....
Read More
High-Severity Flaw Hits Atlassian Jira Data Center
By infosecbulletin
/ Wednesday , May 21 2025
A recently discovered vulnerability, CVE-2025-22157, threatens organizations using Atlassian’s Jira Core Data Center and Jira Service Management Data Center by...
Read More
All major mobile networks go down across Spain
By infosecbulletin
/ Tuesday , May 20 2025
A nationwide phone network has gone down in Spain, shortly after blackouts caused chaos and significant financial losses. Emergency services...
Read More
Researchers found 200 billion files exposed in cloud buckets
By infosecbulletin
/ Monday , May 19 2025
Billions of files, including documents, source code, and backups, are leaking because of misconfigured cloud storage. Cyble, a cybersecurity company...
Read More
Bank server compromised using customer’s mobile, steal ₹11 crore
By infosecbulletin
/ Sunday , May 18 2025
Cyber fraudsters hacked the Himachal Pradesh State Cooperative Bank's server using a customer's mobile phone. According to reports, the fraudsters...
Read More
“InfoSecCon-2025″ held successfully promising cyber resilience
By infosecbulletin
/ Sunday , May 18 2025
"InfoSecCon-2025" was successfully held with tremendous audiences with various time demanding topics and keynotes at Dhaka on 16 May- 2025....
Read More
Intel PC, laptop and server processors affected for 6 years: Report
By infosecbulletin
/ Saturday , May 17 2025
A new class of vulnerabilities in Intel processors, called Branch Predictor Race Conditions (BPRC), enables attackers to extract sensitive data...
Read More
CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE
By infosecbulletin
/ Wednesday , May 14 2025
Siemens issued a security advisory (SSA-047424) for two serious vulnerabilities—CVE-2025-26389 and CVE-2025-26390—impacting the OZW672 and OZW772 web servers. These servers...
Read More
Upgrade to the latest version indicated in the following table to fix the bug, as recommended by Fortinet:
To protect against the vulnerability, disable SSL VPN on your FortiOS devices.
This flaw was disclosed today along with CVE-2024-23113 (Critical/9.8 rating), CVE-2023-44487 (Medium), and CVE-2023-47537 (Medium). However, these flaws are not marked as being exploited in the wild.
