
Post: U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog - Against Invaders - CyberSecurity News for Humans.


<div>
  <div>
    <h2>U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog</h2>
    <h2>U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog.</h2>
    <p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) <a href="https://www.cisa.gov/news-events/alerts/2025/09/29/cisa-adds-five-known-exploited-vulnerabilities-catalog" target="_blank">added</a> Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" target="_blank">Known Exploited Vulnerabilities (KEV) catalog</a>.</p>
    <p>Below are the descriptions for these flaws:</p>
    <ul>
      <li><a href="https://www.cve.org/CVERecord?id=CVE-2021-21311" rel="noreferrer noopener" target="_blank">CVE-2021-21311</a> &ndash; Adminer Server-Side Request Forgery Vulnerability</li>
      <li><a href="https://securityaffairs.com/182564/hacking/cisco-fixed-actively-exploited-zero-day-in-cisco-ios-and-ios-xe-software.html" target="_blank">CVE-2025-20352</a> &ndash; Cisco IOS and IOS XE Stack-based Buffer Overflow Vulnerability</li>
      <li><a href="https://securityaffairs.com/182351/security/fortra-addressed-a-maximum-severity-flaw-in-goanywhere-mft-software.html" target="_blank">CVE-2025-10035</a> &ndash; Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability</li>
      <li><a href="https://securityaffairs.com/182552/hacking/nation-state-hackers-exploit-libraesva-email-gateway-flaw.html" target="_blank">CVE-2025-59689</a> &ndash; Libraesva Email Security Gateway Command Injection Vulnerability</li>
      <li><a href="https://securityaffairs.com/179637/security/critical-sudo-bugs-expose-major-linux-distros-to-local-root-exploits.html" target="_blank">CVE-2025-32463</a> &ndash; Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability</li>
    </ul>
    <p>Last week, Cisco <a href="https://securityaffairs.com/182564/hacking/cisco-fixed-actively-exploited-zero-day-in-cisco-ios-and-ios-xe-software.html" target="_blank">fixed</a> the actively exploited zero-day CVE-2025-20352, impacting Cisco IOS and IOS XE Software. The high-severity vulnerability resides in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and IOS XE Software.</p>
    <p>The flaw allows remote authenticated attackers to trigger a DoS condition with low privileges or achieve root code execution with high privileges. An attacker could exploit the flaw by sending a crafted SNMP packet to a vulnerable device over IPv4 or IPv6 networks. The root cause of this vulnerability is a stack overflow condition in the SNMP subsystem of the affected software. The vulnerability impacts all devices with SNMP enabled.</p>
    <p>The company&rsquo;s Product Security Incident Response Team (PSIRT) is aware of attacks in the wild exploiting this vulnerability.</p>
    <p>Another flaw added to the KEV catalog is the vulnerability <a href="https://securityaffairs.com/182647/hacking/hackers-exploit-fortra-goanywhere-flaw-before-public-alert.html" target="_blank">CVE-2025-10035</a>. Last week, cybersecurity firm watchTowr Labs revealed that it has &lsquo;credible evidence&rsquo; that the critical Fortra GoAnywhere MFT flaw <a href="https://securityaffairs.com/182351/security/fortra-addressed-a-maximum-severity-flaw-in-goanywhere-mft-software.html" target="_blank">CVE-2025-10035</a> was actively exploited in attacks in the wild as early as September 10, 2025, a week before it was publicly disclosed.</p>
    <p>Fortra GoAnywhere Managed File Transfer is a comprehensive solution for secure file transfer, data encryption, and compliance management. It provides a centralized platform for managing and automating file transfers between disparate systems and applications, enabling secure and controlled data movement across an organization&rsquo;s network.</p>
    <p>On September 18, Fortra <a href="https://securityaffairs.com/182351/security/fortra-addressed-a-maximum-severity-flaw-in-goanywhere-mft-software.html" target="_blank">addressed</a> a critical vulnerability, tracked as CVE-2025-10035 (CVSS score of 10.0), in GoAnywhere Managed File Transfer (MFT) software.</p>
    <p>The flaw is a deserialization vulnerability in the License Servlet of Fortra&rsquo;s GoAnywhere MFT. An attacker could exploit the vulnerability to execute arbitrary commands on the affected systems.</p>
    <p><em>&ldquo;A deserialization vulnerability in the License Servlet of Fortra&rsquo;s GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.&rdquo;</em> <a href="https://www.fortra.com/security/advisories/product-security/fi-2025-012" target="_blank">reads the advisory</a>.</p>
    <p>The company urges customers to upgrade to a patched version (the latest release 7.8.4, or the Sustain Release 7.6.3).</p>
    <p>To mitigate the vulnerability, Fortra recommends restricting public access to the GoAnywhere Admin Console, as exploitation depends on internet exposure.</p>
    <p>CISA also added the vulnerability <a href="https://securityaffairs.com/182552/hacking/nation-state-hackers-exploit-libraesva-email-gateway-flaw.html" target="_blank">CVE-2025-59689</a> to the catalog after Libraesva reported that nation-state actors exploited the command injection flaw in its Email Security Gateway.</p>
    <p>Libraesva Email Security Gateway is an advanced secure email gateway (SEG) solution developed by the Italian cybersecurity company Libraesva. It&rsquo;s designed to protect organizations against email-borne threats, including spam and phishing emails, business email compromise (BEC) attempts, malware and ransomware delivered via attachments or links, and advanced persistent threats (APTs) leveraging email as an entry point.</p>
    <p>An attacker could trigger the vulnerability by sending malicious emails containing specially crafted compressed attachments. The flaw lets attackers run arbitrary commands as a non-privileged user due to improper sanitization of code in certain compressed archives.</p>
    <p>The company identified at least one incident involving the vulnerability and attributes the attack to a nation-state actor.</p>
    <p>In early July, cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privileges to root on affected systems.</p>
    <p>Sudo (short for &ldquo;superuser do&rdquo;) is a command-line utility found in Unix and Linux systems. It lets a permitted user run commands with the security privileges of another user, most commonly the root user (the system&rsquo;s most powerful administrative account).</p>
    <p>Below is the description of the two vulnerabilities:</p>
    <ul>
      <li><strong><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-32462" rel="noreferrer noopener" target="_blank">CVE-2025-32462</a></strong> (CVSS score: 2.8) &ndash; Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.</li>
      <li><strong><a href="https://nvd.nist.gov/vuln/detail/CVE-2025-32463" rel="noreferrer noopener" target="_blank">CVE-2025-32463</a></strong> (CVSS score: 9.3) &ndash; Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the <code>--chroot</code> option.</li>
    </ul>
    <p>The Stratascale Cyber Research Unit (CRU) team discovered both local privilege escalation vulnerabilities.</p>
    <p>According to <a href="https://cyber.dhs.gov/bod/22-01/" rel="noreferrer noopener" target="_blank">Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities</a>, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.</p>
    <p>Experts also recommend that private organizations review the <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" rel="noreferrer noopener" target="_blank">Catalog</a> and address the vulnerabilities in their infrastructure.</p>
    <p>CISA orders federal agencies to fix the vulnerabilities by October 20, 2025.</p>
    <p>Follow me on Twitter: <a href="https://twitter.com/securityaffairs" target="_blank">@securityaffairs</a> and <a href="https://www.facebook.com/sec.affairs" target="_blank">Facebook</a> and <a href="https://infosec.exchange/@securityaffairs" target="_blank">Mastodon</a></p>
    <p><a href="http://www.linkedin.com/pub/pierluigi-paganini/b/742/559" target="_blank">Pierluigi Paganini</a></p>
    <p>(<a href="http://securityaffairs.co/wordpress/" target="_blank">SecurityAffairs</a> &ndash; hacking, <a href="https://securityaffairs.com/180162/hacking/u-s-cisa-adds-fortinet-fortiweb-flaw-to-its-known-exploited-vulnerabilities-catalog.html" target="_blank">cisa</a>)</p>
    <hr>
  </div>
</div>
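<p>The two Sudo entries above give defenders two things to verify: a fix version (1.9.17p1) and a configuration precondition (a sudoers rule whose host field is neither the current host nor ALL). The script below is an added example, not code from this article, from Security Affairs or from the Sudo project. It compares an installed sudo version against 1.9.17p1 and scans sudoers text for user specifications that name another machine. Only the version threshold comes from the article; the sample sudoers content, user names and hostnames are constructed for the demonstration.</p>

```shell
#!/usr/bin/env bash
# Added example, not code from the article or from the Sudo project: two
# defender-side checks for the Sudo issues named above.
#  - sudo_version_affected: is a sudo version older than 1.9.17p1, the fix
#    version the article gives for CVE-2025-32462 and CVE-2025-32463?
#  - sudoers_foreign_hosts: which sudoers rules name a host that is neither
#    ALL nor this machine (the configuration CVE-2025-32462 depends on)?
# The sample sudoers text further down is constructed; its users, hosts and
# rules are invented for the demo.

# Map "1.9.16p2" -> 1091602 so versions compare as integers.
# A missing "pN" suffix counts as p0, so 1.9.17 sorts below 1.9.17p1.
sudo_version_key() {
    local v="$1" base plevel
    base="${v%%p*}"               # "1.9.16"
    plevel="${v#"$base"}"         # "p2" or ""
    plevel="${plevel#p}"
    : "${plevel:=0}"
    local IFS=.
    # shellcheck disable=SC2086  # the split on "." is intentional
    set -- $base
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 10000 + ${3:-0} * 100 + plevel ))
}

# Exit 0 (true) when the version predates the 1.9.17p1 fix, 1 otherwise.
sudo_version_affected() {
    [ "$(sudo_version_key "$1")" -lt "$(sudo_version_key 1.9.17p1)" ]
}

# Read sudoers text on stdin and print each user specification whose host
# field contains anything other than ALL or the hostname given as $1.
# Heuristic parser: it skips Defaults and *_Alias lines and does not follow
# #include/@include directives.
sudoers_foreign_hosts() {
    awk -v me="$1" '
        /^[[:space:]]*$/                            { next }  # blank
        /^[[:space:]]*[#@]/                         { next }  # comment, include
        /^[[:space:]]*Defaults/                     { next }  # options, not rules
        /^[[:space:]]*(User|Runas|Host|Cmnd)_Alias/ { next }  # alias definitions
        /=/ {
            lhs = $0
            sub(/=.*/, "", lhs)                     # keep "user host"
            gsub(/^[[:space:]]+|[[:space:]]+$/, "", lhs)
            n = split(lhs, f, /[[:space:]]+/)
            if (n < 2) next                         # malformed, skip
            host = f[n]
            m = split(host, h, /,/)
            for (i = 1; i <= m; i++)
                if (h[i] != "ALL" && h[i] != me) {
                    printf "user=%s host=%s\n", f[1], host
                    break
                }
        }'
}

# Constructed sample sudoers file (not from any real system).
SAMPLE_SUDOERS='# constructed sample, not a real configuration
Defaults    env_reset
User_Alias  ADMINS = alice, bob
root        ALL = (ALL) ALL
%admin      ALL=(ALL:ALL) ALL
alice       buildhost = (ALL) NOPASSWD: ALL
bob         myhost = (root) /usr/bin/systemctl
carol       web01,myhost = ALL'

demo() {
    for v in 1.9.15p5 1.9.17 1.9.17p1 1.9.18; do
        if sudo_version_affected "$v"; then
            echo "sudo $v: affected (older than 1.9.17p1)"
        else
            echo "sudo $v: not affected by version"
        fi
    done
    echo "sample sudoers rules naming another host (this host = myhost):"
    printf '%s\n' "$SAMPLE_SUDOERS" | sudoers_foreign_hosts myhost
}

# Same checks against this machine: needs sudo installed and, for
# /etc/sudoers and /etc/sudoers.d, read permission (normally root).
live() {
    local v host f
    v="$(sudo -V 2>/dev/null | awk 'NR == 1 { print $3 }')"
    host="$(hostname)"
    if [ -z "$v" ]; then
        echo "sudo not found"
    elif sudo_version_affected "$v"; then
        echo "sudo $v: affected, upgrade to 1.9.17p1 or later (or a vendor build that backports the fix)"
    else
        echo "sudo $v: not affected by version"
    fi
    for f in /etc/sudoers /etc/sudoers.d/*; do
        [ -r "$f" ] && sudoers_foreign_hosts "$host" < "$f" | sed "s|^|$f: |"
    done
}

case "${1:-demo}" in
    live) live ;;
    *)    demo ;;
esac
```

<p>Run the script without arguments to see the checks against the embedded sample, or with <code>live</code> to check the local machine (reading /etc/sudoers needs root). The version test is a literal reading of &ldquo;before 1.9.17p1&rdquo;; distribution packages often backport fixes without changing the upstream version string, so treat a version hit as a prompt to consult the vendor advisory rather than as proof of exposure, and treat every flagged rule as something to review, since a host list that names another machine is exactly the configuration CVE-2025-32462 turns against you.</p>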