UZCERT has identified these vulnerabilities in the information infrastructure of more than 10 organizations located in the Republic of Uzbekistan. We request government agencies and other organizations using “FORTINET” products to follow the recommendations below to mitigate these vulnerabilities: User…
The Presidential Decree of the Republic of Uzbekistan No. PQ-14 dated January 20, 2025, “On the establishment of the state university ‘Cyber University’,” has been adopted. According to the decree, the main tasks of the University are defined as follows:…
A serious security vulnerability has been discovered in the popular RealHomes WordPress template and its Easy Real Estate plugin, which could expose more than 32,000 websites to cyberattacks. The vulnerabilities are classified as privilege escalation issues that do not require…
A critical vulnerability has been identified in the popular 7-Zip archiving software. This vulnerability allows attackers to bypass an important Windows security feature—the “Mark-of-the-Web” (MotW) mechanism. The vulnerability, tracked as CVE-2025-0411, has been assigned a CVSS security rating of 7.0,…
Another significant issue in the field of technology security has been identified: a new vulnerability has been discovered in Cisco Meeting Management, potentially allowing attackers to gain administrator privileges within the system. This vulnerability is tracked as CVE-2025-20156 and is…
As technology security becomes increasingly complex each day, new vulnerabilities continue to pose threats to our systems. The vulnerability identified in Windows File Explorer under the identifier CVE-2024-38100 is a clear example of this issue. This vulnerability has raised concerns…
Today, as the world of technology continues to evolve rapidly, the importance of network security has become equally critical. However, even the most reliable security systems can sometimes encounter unexpected vulnerabilities. As of January 22, 2025, approximately 50,000 Fortinet firewall…
PAM-u2f is a module designed to support two-factor authentication using U2F (Universal 2nd Factor) technology. It is based on the FIDO standard and ensures secure system access with devices like YubiKey, Feitian, or other U2F-compatible tokens. If you are using…
A smart contract is a digital contract operating on blockchain technology, designed to automatically manage processes when specific conditions are met. Simply put, a smart contract is a program or a piece of code that ensures the fulfillment of predefined…
A vulnerability identified in the Windows Common Log File System (CLFS) driver, CVE-2024-49138, represents a significant risk for Windows systems. This zero-day vulnerability enables attackers to gain SYSTEM-level privileges without user interaction. It is particularly dangerous for Windows 11 (23H2)…