#remote-code-execution #Vulnerability

Hackers exploited Windows WebDav zero-day to drop malware

An APT hacking group known as 'Stealth Falcon' exploited a Windows WebDav RCE vulnerability in zero-day attacks since March 2025 against defense and government organizations in Turkey, Qatar, Egypt, and Yemen. Stealth Falcon (aka 'FruityArmor') is an advanced persistent threat (APT) group known for conducting cyberespionage attacks against Middle East organizations. The flaw, tracked under CVE-2025-33053, is a remote code execution (RCE) vulnerability that arises from the improper handling of the working directory by certain legitimate system executables. Specifically, when a .url file sets its WorkingDirectory to a remote WebDAV path, a built-in Windows tool can be tricked into executing a malicious executable from that remote location instead of the legitimate one. This allows attackers to force devices to execute arbitrary code remotely from WebDAV servers under their control without dropping malicious files locally, making their operations stealthy and evasive. The vulnerability was discovered by Check Point Research, with Microsoft fixing the flaw in the latest Patch Tuesday update, released yesterday.

#bleepingcomputer #EN #2025 #CVE-2025-33053 #Patch-Tuesday #Actively-Exploited #Espionage #Remote-Code-Execution #Stealth-Falcon #Vulnerability #WebDAV #Windows #Zero-Day

·bleepingcomputer.com·Jun 12, 2025

Hackers exploited Windows WebDav zero-day to drop malware

Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE

Critical vulnerabilities in Versa Concerto that are still unpatched could allow remote attackers to bypass authentication and execute arbitrary code on affected systems. Three security issues, two of them critical, were publicly disclosed by researchers at the vulnerability management firm ProjectDiscovery after reporting them to the vendor and receiving no confirmation of the bugs being addressed. Versa Concerto is the centralized management and orchestration platform for Versa Networks' SD-WAN and SASE (Secure Access Service Edge) solutions. Three security issues, two of them critical, were publicly disclosed by researchers at the vulnerability management firm ProjectDiscovery after reporting them to the vendor and receiving no confirmation of the bugs being addressed. Versa Concerto is the centralized management and orchestration platform for Versa Networks' SD-WAN and SASE (Secure Access Service Edge) solutions.

#bleepingcomputer #EN #2025 #Authentication-Bypass #RCE #Remote-Code-Execution #Versa-Concerto #Vulnerability #CVE-2025-34027 #CVE-2025-34026 #CVE-2025-34025

·bleepingcomputer.com·May 22, 2025

Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE

SAP fixes suspected Netweaver zero-day exploited in attacks

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers.

#bleepingcomputer #EN #2025 #Actively-Exploited #Authentication-Bypass #RCE #Remote-Code-Execution #SAP #Vulnerability #Zero-Day

·bleepingcomputer.com·Apr 25, 2025

SAP fixes suspected Netweaver zero-day exploited in attacks

Cisco Webex bug lets hackers gain code execution via meeting links

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.

#bleepingcomputer #EN #2025 #vulnerability #Cisco #RCE #Remote-Code-Execution #WebEx #CVE-2025-20236

·bleepingcomputer.com·Apr 23, 2025

Cisco Webex bug lets hackers gain code execution via meeting links

D-Link says it is not fixing four RCE flaws in DIR-846W routers

D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router will not be fixed as the products are no longer supported.

#bleepingcomputer #EN #2024 #D-Link #End-of-Life #End-of-Service #Hardware #RCE #Remote-Code-Execution #Vulnerability #DIR-846W

·bleepingcomputer.com·Sep 7, 2024

D-Link says it is not fixing four RCE flaws in DIR-846W routers

Veeam warns of critical RCE flaw in Backup & Replication software

Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One.

#bleepingcomputer #EN #2024 #RCE #Remote-Code-Execution #Veeam #Veeam-Backup-&-Replication #Veeam-ONE #Vulnerability

·bleepingcomputer.com·Sep 6, 2024

Veeam warns of critical RCE flaw in Backup & Replication software

Over 92,000 exposed D-Link NAS devices have a backdoor account

A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models.