#StopRansomware: Interlock

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware…

Comments Off on #StopRansomware: Interlock

Vulnerability Summary for the Week of July 14, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info aapanel--aapanel WP Toolkit The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization…

Comments Off on Vulnerability Summary for the Week of July 14, 2025

Vulnerability Summary for the Week of July 7, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info Radiflow--iSAP Smart Collector The device has two web servers that expose unauthenticated REST APIs on the management network (TCP…

Comments Off on Vulnerability Summary for the Week of July 7, 2025

Vulnerability Summary for the Week of June 30, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info ABB--RMC-100 Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the…

Comments Off on Vulnerability Summary for the Week of June 30, 2025

Vulnerability Summary for the Week of June 23, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info 70mai--M300 A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue…

Comments Off on Vulnerability Summary for the Week of June 23, 2025

Vulnerability Summary for the Week of June 16, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info _CreativeMedia_--Elite Video Player Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in _CreativeMedia_ Elite Video Player…

Comments Off on Vulnerability Summary for the Week of June 16, 2025

Vulnerability Summary for the Week of June 9, 2025

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source Info Acer--ControlCenter Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom…

Comments Off on Vulnerability Summary for the Week of June 9, 2025

CISA Releases Cybersecurity Advisory on SimpleHelp RMM Vulnerability

Today, CISA released Cybersecurity Advisory: Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider. This advisory is in response to ransomware actors targeting customers…

Comments Off on CISA Releases Cybersecurity Advisory on SimpleHelp RMM Vulnerability