News - Page 17 of 28 - UZCERT xizmati

Computer Emergency
Response Team

News

AMD Ryzen DLL Hijacking Vulnerability Allows Attackers to Execute Arbitrary Code

Cybersecurity researchers have discovered a high-risk vulnerability in the AMD Ryzen™ Master Utility software. Identified as CVE-2024-21966, this flaw allows attackers to execute malicious code on a system and escalate their privileges. This vulnerability is classified as DLL Hijacking and…

News

PostgreSQL Terminal Tool Vulnerability Allows Remote Code Execution

Recently, cybersecurity researchers discovered a critical SQL injection vulnerability in PostgreSQL’s interactive terminal tool, psql. This vulnerability, identified as CVE-2025-1094, allows attackers to remotely execute arbitrary code. This flaw was uncovered during the analysis of CVE-2024-12356, a remote code execution…

News

Vulnerability in WinZip Allows Hackers to Take Control of Your Computer

One of the world’s most popular file archiving programs, WinZip, has been found to contain a critical security vulnerability. Designated as CVE-2025-1240, this vulnerability enables attackers to execute arbitrary code remotely using malicious 7Z archive files. This vulnerability has received…

News

ZeroLogon Exploit: Threat to Active Directory and Domain Controllers

The ZeroLogon exploit is currently one of the most dangerous cyber threats used by malicious actors to attack Microsoft Active Directory environments. This exploit is registered under the identifier CVE-2020-1472 and poses a serious risk to Microsoft domain controllers. The…

News

SonicWall Firewall Vulnerability Allows Attackers to Hijack SSL VPN Sessions

Recently, cybersecurity experts have discovered a critical vulnerability in SonicWall firewalls. The vulnerability, identified as CVE-2024-53704, allows attackers to hijack SSL VPN sessions and gain unauthorized access. This vulnerability affects SonicOS versions 7.1.x (7.1.1-7058 and earlier), 7.1.2-7019, and 8.0.0-8035. Attackers…

News

“Wormable” Vulnerability in Windows LDAP Allows Attackers to Execute Code Remotely

Recently, cybersecurity specialists have discovered a critical vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) in Windows operating systems. This vulnerability, designated as CVE-2025-21376, enables attackers to execute arbitrary code remotely. The most dangerous aspect of this…

News

New Vulnerability in Ivanti Connect Secure Allows Attackers to Execute Code Remotely

Recently, a new serious cybersecurity threat has emerged. Ivanti has disclosed a critical vulnerability, CVE-2025-22467, in its Connect Secure (ICS) product. This flaw, categorized as a stack-based buffer overflow, has been rated 9.9 (Critical) on the CVSS v3.1 scale, allowing…

News

New Critical Vulnerability in Fortinet Systems Allows Attackers to Take Over Firewalls and Gain Super Admin Privileges

Another dangerous vulnerability has been discovered in the world of cybersecurity. Fortinet, one of the leading cybersecurity companies, has confirmed the discovery of a new critical authentication bypass vulnerability (CVE-2025-24472) in its FortiOS and FortiProxy products, which has already been…

News

Advanced System Against APT Threats: Have You Heard About EARLYCROW?

Today, one of the most significant threats in the field of cybersecurity is Advanced Persistent Threats (APTs). These attacks target government agencies, major corporations, research centers, and military organizations, carrying out covert and long-term operations. APT threats utilize sophisticated malware…

News

Check Point and Wiz Partnership: A Comprehensive Cybersecurity Solution for Hybrid Cloud Environments

In today’s world of information technology, cloud infrastructure has become an integral part of business operations. However, as cloud adoption grows, so do cybersecurity threats. A significant gap exists between network security and cloud-native application protection, particularly in hybrid cloud…