A path traversal flaw in Ivanti Endpoint Manager running versions 2024 November Security Update and prior or 2022 SU6 November Security Update and prior allows for leakage of sensitive information by a remote, unauthenticated attacker.
Mar 13, 2025 - 5 Min Read
On March 4th, 2025, Broadcom published an advisory detailing multiple critical vulnerabilities in VMware ESXi. Two of the vulnerabilities (CVE-2025-22224 and CVE-2025-22225) can be used together to allow a successful attacker with local administrator privileges on a hosted virtual machine to escape the virtual machine and execute code on the hypervisor. Beazley Security is aware of active exploitation of this vulnerability by sophisticated attackers and strongly recommends affected organizations apply updates from Broadcom to their ESXi clusters as soon as possible.
Mar 5, 2025 - 4 Min Read
On January 15th, multiple vulnerabilities were reported in SimpleHelp’s Remote Support Software product. One of the vulnerabilities, CVE-2024-57727, would allow successful attackers to access arbitrary files on a victim’s server, including sensitive configuration files containing passwords.
Feb 26, 2025 - 4 Min Read
On January 7th, SonicWall published an advisory regarding an improper authentication vulnerability in their SonicOS SSL VPN service. The criticality of this vulnerability increased on February 10, 2025, when trivial proof-of-concept code emerged and attacks began to be observed in the wild.
Feb 20, 2025 - 4 Min Read
On February 12th, Palo Alto Networks released an advisory (CVE-2025-0108) for an authentication bypass vulnerability in Palo Alto Networks PAN-OS software related to the management web interface. The vulnerability could allow for an unauthenticated attacker to run PHP scripts, potentially impacting device integrity.
Feb 19, 2025 - 4 Min Read
On January 14th, Beazley Security Labs observed an advertisement posted to the cybercrime community BreachForums, detailing a dump of configuration files and passwords from over 15 thousand Fortinet network appliances.
Jan 17, 2025 - 4 Min Read
On January 14th, Fortinet published an advisory about a critical authentication bypass vulnerability in their FortiOS and FortiProxy software, identified as CVE-2024-55591.
Jan 16, 2025 - 4 Min Read
On January 8th, software vendor Ivanti published an advisory detailing a critical vulnerability (CVE-2025-0282) in their Connect Secure, Policy Secure, and ZTA Gateway products.
Jan 9, 2025 - 5 Min Read
On December 10th, software vendor Cleo published an advisory detailing a critical vulnerability in their Harmony, VLTrader, and LexiCom products.
Dec 11, 2024 - 3 Min Read
On November 18th, Palo Alto Networks published an advisory regarding a critical vulnerability in their PAN-OS software, a core component for their next-generation firewall product line.
Nov 18, 2024 - 3 Min Read