Active exploitation of CVE-2025-11001 has been observed in the wild. A security researcher has also publicly released a proof-of-concept (PoC) exploit for CVE-2025-11001.
The PoC allows attackers to abuse symbolic-link handling to write files outside of the intended extraction folder, which in some scenarios, can enable arbitrary code execution.
Read more…
Source: NHS Digital
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Black Kingdom ransomware hacks networks with Pulse VPN flaws
June 13, 2020
Operators of Black Kingdom ransomware are targeting enterprises with unpatched Pulse Secure VPN software or initial access on the network, security researchers have found. The malware got caught in a honeypot, allowing researchers to analyze and document the tactics used by the threat actors. They’re exploiting CVE-2019-11510, a critical vulnerability affecting earlier versions of Pulse Secure VPN ...
- 6 New Vulnerabilities Found on D-Link Home Routers
June 12, 2020
On February 28, 2020, Palo Alto Networks’ Unit 42 researchers discovered six new vulnerabilities in D-Link wireless cloud routers running their latest firmware. The vulnerabilities were found in the DIR-865L model of D-Link routers, which is meant for home network use. The current trend towards working from home increases the likelihood of malicious attacks against home ...
- Cisco’s warning: Critical flaw in IOS routers allows ‘complete system compromise’
June 4, 2020
Cisco has disclosed four critical security flaws affecting router equipment that uses its IOS XE and IOS software. The four critical flaws are part of Cisco’s June 3 semi-annual advisory bundle for IOS XE and IOS networking software, which includes 23 advisories describing 25 vulnerabilities. The 9.8 out of 10 severity bug, CVE-2020-3227, concerns the authorization controls for the ...
- Severe Cisco DoS Flaw Can Cripple Nexus Switches
June 2, 2020
Cisco has patched a high-severity flaw in its NX-OS software, the network operating system used by Cisco’s Nexus-series Ethernet switches. If exploited, the vulnerability could allow an unauthenticated, remote attacker to bypass the input access control lists (ACLs) configured on affected Nexus switches – and launch a denial of service (DoS) attacks on the devices. “A successful ...
- New cold boot attack affects seven years of LG Android smartphones
June 2, 2020
South Korean phone manufacturer LG has released a security update last month to fix a vulnerability that impacts its Android smartphones sold over the past seven years. The vulnerability, tracked under the identifier of CVE-2020-12753, impacts the bootloader component that ships with LG smartphones. Separate from the Android OS, the bootloader is a piece of firmware specific ...
- Hackers Compromise Cisco Servers Via SaltStack Flaws
May 28, 2020
Cisco said attackers have been able to compromise its servers after exploiting two known, critical SaltStack vulnerabilities. The flaws exist in the open-source Salt management framework, which are used in Cisco network-tooling products. Two Cisco products incorporate a version of SaltStack that is running the vulnerable salt-master service. The first is Cisco Modeling Labs Corporate Edition (CML), ...