In this week's Security Advisory:
Palo Alto has released an advisory with details on ten vulnerabilities in total. The most severe is CVE-2025-0108 (CVSS 8.8/10), which allows an unauthenticated attacker with network access to a vulnerable firewall to bypass authentication and invoke specific PHP scripts. It has been reported that this vulnerability has been exploited in the wild. Palo Alto has said that you can greatly reduce the risk of this specific vulnerability by restricting access to the management web interface to trusted internal IP addresses only.
Affected Versions
More Reading/Information
CVE-2025-21589 (CVSS 9.3/10) can allow a network-based attacker to bypass authentication and take over administrative control of the targeted device. This vulnerability affects Juniper's Session Smart Router, Session Smart Conductor, and WAN Assurance Router products.
Affected Versions
More Reading/Information
Two vulnerabilities have been patched in Xerox printers. These vulnerabilities, CVE-2024-12510 (CVSS 6.7/10) and CVE-2024-12511 (CVSS 7.6/10), can allow an attacker who has already gained access to the printer to move laterally and collect Active Directory credentials via the Lightweight Directory Access Protocol (LDAP). If you cannot patch immediately, it is recommended that you set a complex password for the printer's admin account.
Affected Versions
More Reading/Information
OpenSSH has patched two vulnerabilities, CVE-2025-26465 and CVE-2025-26466. The first, CVE-2025-26465, affects an OpenSSH client with the "VerifyHostKeyDNS" option enabled. It can allow an attacker to impersonate a server and intercept traffic, and it does not require user interaction. The second, CVE-2025-26466, impacts both the client and the server and can be exploited without authentication to cause a denial of service.
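Because CVE-2025-26465 only matters for clients that have "VerifyHostKeyDNS" turned on, a quick defensive check is to find which ssh_config blocks enable it. The following script is an added example written for this advisory, not code from OpenSSH or from the advisory itself; it parses a constructed sample ssh_config and reports every Host or Match block that sets VerifyHostKeyDNS to "yes" or "ask" (the values that make the client consult DNS SSHFP records). Point it at a real file such as ~/.ssh/config or /etc/ssh/ssh_config to audit your own hosts.

```python
import re

# Constructed sample ssh_config (illustrative; not taken from the advisory).
SAMPLE_SSH_CONFIG = """\
# Client defaults for every host
VerifyHostKeyDNS ask

Host build-server
    HostName build.example.internal
    VerifyHostKeyDNS no

Host legacy-*
    # DNS SSHFP records treated as trusted: this is the setting to look for
    VerifyHostKeyDNS=yes
"""

# Values that enable the DNS host-key lookup path affected by CVE-2025-26465.
RISKY_VALUES = {"yes", "ask"}


def parse_ssh_config(text):
    """Parse ssh_config text into an ordered list of (pattern, options) blocks.

    Options that appear before the first Host/Match line go into a leading '*'
    block. OpenSSH option names are case-insensitive, so keys are lower-cased;
    both 'Key value' and 'Key=value' forms are accepted.
    """
    blocks = [("*", {})]
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key in ("host", "match"):
            pattern = value if key == "host" else f"match {value}"
            blocks.append((pattern, {}))
            continue
        options = blocks[-1][1]
        # Within a block, OpenSSH keeps the first value it sees for an option.
        options.setdefault(key, value)
    return blocks


def find_verifyhostkeydns(text):
    """Return {pattern: value} for every block that sets VerifyHostKeyDNS to yes/ask."""
    findings = {}
    for pattern, options in parse_ssh_config(text):
        value = options.get("verifyhostkeydns", "").lower()
        if value in RISKY_VALUES:
            findings[pattern] = value
    return findings


def audit_file(path):
    """Convenience wrapper: audit an ssh_config file on disk."""
    with open(path, encoding="utf-8") as fh:
        return find_verifyhostkeydns(fh.read())


if __name__ == "__main__":
    for pattern, value in find_verifyhostkeydns(SAMPLE_SSH_CONFIG).items():
        print(f"{pattern}: VerifyHostKeyDNS {value}")
```

One caveat when reading the output: OpenSSH applies the first matching value it finds for an option, so a "VerifyHostKeyDNS ask" placed in a global block near the top of the file overrides a later per-host "no". The script reports where the option is set; treat any flagged global block as applying to every host.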
Affected Versions
More Reading/Information
Google Chrome announced patches in an updated browser version that addresses three new vulnerabilities. Successful exploitation can lead to buffer overflows and code execution. Mozilla has released updates to Firefox to address a memory-safety bug that showed evidence of memory corruption and could be used to run arbitrary code.
More Reading/Information
Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefits of limiting deployed software to vendor-supported versions only, which dramatically increases the likelihood that a patch is issued for newly discovered vulnerabilities. Likewise, Cybersafe strongly encourages maintaining an inventory of the software currently deployed in your environment, which helps inform your patch and vulnerability management program.