TheCyberThrone Security Weekly Review – February 08, 2025


Welcome to TheCyberThrone's cybersecurity week in review, covering the important security happenings. This review is for the week ending Saturday, February 08, 2025.

CVE-2025-21293 PoC Exploit Code Released

CVE-2025-21293 is an elevation of privilege vulnerability in Active Directory Domain Services. The vulnerability arises from excessive permissions granted to the Network Configuration Operators group, which can be exploited to achieve system-level privileges. This issue was initially discovered in September 2024 and was subsequently patched in January 2025.

The vulnerability exists because the Network Configuration Operators group, intended to grant limited network configuration privileges, has permissions to create subkeys under critical registry keys like DnsCache and NetBT. This oversight enables attackers to exploit these permissions to gain elevated privileges…

Redis was affected by CVE-2024-51741 and CVE-2024-46981

CVE-2024-51741 is a vulnerability affecting Redis, an open-source in-memory data structure store used as a database, cache, and message broker. The issue arises when an authenticated user with sufficient privileges creates a malformed Access Control List (ACL) selector. When this malformed selector is accessed, it causes the Redis server to panic and crash, leading to a denial of service (DoS)…

CVE-2024-46981 is a vulnerability that also affects Redis. It involves the misuse of the Lua scripting functionality within Redis. An authenticated user can craft a specific Lua script that manipulates the garbage collector in a way that could lead to remote code execution (RCE). This allows an attacker to execute arbitrary code on the server, potentially leading to full system compromise…

CISA Warns on Contec CM8000 having a Backdoor

The Contec CM8000 patient monitor has been identified as having critical vulnerabilities, specifically backdoor functionalities, which pose significant risks to patient safety and data privacy. Here is an in-depth analysis of these vulnerabilities, their implications, and the recommended mitigation measures…

Qualys TotalAppSec a Detailed Outlook

Qualys TotalAppSec is a comprehensive application risk management solution designed to provide end-to-end security for APIs, web applications, and malware detection through a unified platform. Launched by Qualys, Inc., this solution integrates various security capabilities to help organizations manage their application security risks effectively. Here is an in-depth look at the features, benefits, and use cases of TotalAppSec.

Casio UK invaded by the Magento Web Skimmer Campaign

Web skimming, also known as “Magecart attacks,” involves injecting malicious code into e-commerce websites to steal payment card information and other sensitive data entered by customers. These attacks typically exploit vulnerabilities in the website’s software or third-party plugins to insert skimming scripts. Once the malicious script is in place, it captures the data entered by customers during the checkout process and transmits it to the attackers’ servers…

This brings us to the end of this week's security review coverage. Thanks for visiting TheCyberThrone.
