#samba

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.1 ATTENTION: Exploitable from an adjacent network Vendor: Schneider Electric Equipment: EcoStruxure Vulnerabilities: Uncontrolled Resource Consumption, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or disclose sensitive credential data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Schneider Electric products are affected: EcoStruxure Building Operation Enterprise Server 7.x: Versions prior to 7.0.2.348 EcoStruxure Building Operation Enterprise Server 6.x: Versions prior to 6.0.4.10001 (CP8) EcoStruxure Building Operation Enterprise Server 5.x: Versions prior to 5.0.3.17009 (CP16) EcoStruxure Enterprise Server 7.x: Versions prior to 7.0.2.348 EcoStruxure Enterprise Server 6.x: Versions prior to 6.0.4.10001 (CP8) EcoStruxure Enterprise Server 5.x: Versions prior to 5.0.3.17009 (CP16) EcoStruxur...

Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release. Of the 80 vulnerabilities, eight are rated Critical and 72 are rated Important in severity. None of the shortcomings has been exploited in the wild as a zero-day. Like last month, 38 of the disclosed flaws are related to

Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft's most-dire "critical" label. Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.

September Microsoft Patch Tuesday. A total of 103 vulnerabilities, 29 fewer than in August. Of these, 25 vulnerabilities were added between the August and September MSPT. So far, no vulnerabilities are known to be exploited in the wild. Two have public PoC exploits: 🔸 DoS – Newtonsoft.Json (CVE-2024-21907)🔸 EoP – Azure Networking (CVE-2025-54914) Notable among […]

Microsoft has released its monthly security update for September 2025, which includes 86 vulnerabilities affecting a range of products.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ThinManager Vulnerability: Server-Side Request Forgery (SSRF) 2. RISK EVALUATION Successful exploitation of this vulnerability could expose the ThinServer service account NTLM hash. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports the following versions of ThinManager, a thin client management software, are affected: ThinManager: Versions 13.0 through 14.0 3.2 VULNERABILITY OVERVIEW 3.2.1 SERVER-SIDE REQUEST FORGERY (SSRF) CWE-918 A server-side request forgery security issue exists within Rockwell Automation ThinManager software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, thereby exposing the ThinServer service account NTLM hash. CVE-2025-9065 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.2 has been calculated; the CVSS vecto...

**Are there any further actions I need to take to be protected from relay attacks?** The security updates released on September 9, 2025 enable support for auditing SMB client compatibility for SMB Server signing as well as SMB Server EPA. This allows customers to assess their environment and identify any potential device or software incompatibility issues before deploying the hardening measures that are already supported by SMB Server. Please see https://support.microsoft.com/help/5066913 for more information.

**According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are low (PR:L). What does that mean for this vulnerability?** Exploitation of this vulnerability requires an authorized attacker on the domain to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.

CrowdStrike reports COOKIE SPIDER using malvertising to spread SHAMOS macOS malware (a new variant of AMOS infostealer), stealing…

Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918.