CVE-2025-62003

BullWall Server Intrusion Protection has a noticeable delay before the MFA check when connecting via RDP. A remote authenticated attacker with administrative privileges can potentially bypass detection during this window. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be...

CVE-2025-62004

BullWall Server Intrusion Protection services are initialized after login services. An authenticated attacker with administrative permissions can log in after boot and bypass MFA. SIP service does not retroactively enforce the challenge or disconnect unauthenticated sessions. Versions 4.6.0.0,...

CVE-2025-62004

BullWall Server Intrusion Protection SIP services are initialized after login services during system startup. A local, authenticated attacker can log in after boot and before SIP MFA is running. The SIP services do not retroactively enforce MFA or disconnect sessions that were not subject to SIP...

CVE-2025-62004 BullWall Server Intrusion Protection (SIP) initialization race condition

BullWall Server Intrusion Protection SIP services are initialized after login services during system startup. A local, authenticated attacker can log in after boot and before SIP MFA is running. The SIP services do not retroactively enforce MFA or disconnect sessions that were not subject to SIP...

CVE-2025-62004 BullWall Server Intrusion Protection (SIP) initialization race condition

BullWall Server Intrusion Protection SIP services are initialized after login services during system startup. A local, authenticated attacker can log in after boot and before SIP MFA is running. The SIP services do not retroactively enforce MFA or disconnect sessions that were not subject to SIP...

CVE-2025-62004

CVE-2025-62004 affects BullWall Server Intrusion Protection (SIP); an initialization race causes SIP MFA to start after login services, enabling a local, authenticated attacker to log in after boot before SIP MFA runs and bypass MFA. Affected versions: 4.6.0.0, 4.6.0.6, 4.6.0.7, 4.6.1.4 (other ve...

CVE-2025-62003 BullWall Server Intrusion Protection RDP MFA connection delay

BullWall Server Intrusion Protection has a noticeable configuration-dependent delay before the MFA check for RDP connections. A remote, authenticated attacker can potentially bypass detection during this delay. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also ...

BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities

RISK EVALUATION BullWall Ransomware Containment and Server Intrusion Protection are products used for ransomware containment. Multiple vulnerabilities were reported that when used individually or in conjunction could allow a remote attacker with valid credentials to log in to a system with...

BullWall Server Intrusion Protection 安全漏洞

BullWall Server Intrusion Protection is a server security software from the Danish company BullWall. A security vulnerability exists in BullWall Server Intrusion Protection versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4, which stems from a delayed MFA check and could lead to a privileged attacke...

PT-2025-52341

Name of the Vulnerable Software and Affected Versions BullWall Server Intrusion Protection versions 4.6.0.0 through 4.6.1.4 Description BullWall Server Intrusion Protection exhibits a delay before Multi-Factor Authentication MFA is checked when connecting via Remote Desktop Protocol RDP. A remote...

AZL-50781 CVE-2024-46870 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 Why DMCUB can intermittently take longer than expected to process commands. Old ASIC policy was to continue while logging a diagnostic error - which works fine for ASIC without IPS...

usbguard security update

An update is available for usbguard. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The USBGuard software framework provides system protection against intrusive...

CVE-2022-30526 (Fixed): Zyxel Firewall Local Privilege Escalation

Rapid7 discovered a local privilege escalation vulnerability affecting Zyxel firewalls. The vulnerability allows a low privileged user, such as nobody, to escalate to root on affected firewalls. To exploit this vulnerability, a remote attacker must first establish shell access on the firewall, fo...

CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection

Rapid7 discovered and reported a vulnerability that affects Zyxel firewalls supporting Zero Touch Provisioning ZTP, which includes the ATP series, VPN series, and the USG FLEX series including USG20-VPN and USG20W-VPN. The vulnerability, identified as CVE-2022-30525, allows an unauthenticated and...

Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06377)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco USA, which is mainly used to configure firewall, VPN and intrusion protection security services on Cisco networks and security devices.Cisco Security Manager has a cross-site scripting vulnerability, which...

Cisco Security Manager Cross-Site Scripting Vulnerability

Cisco Security Manager CSM is a set of enterprise-level management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which stem...

Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06385)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco USA, which is mainly used to configure firewall, VPN and intrusion protection security services on Cisco networks and security devices.Cisco Security Manager has a cross-site scripting vulnerability, which...

Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06386)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which stem...

Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06383)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which is mainly used to configure firewall, VPN and intrusion protection security services on Cisco networks and security devices. The product's Web interface does not validate user input, an attacker can...

Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06381)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which can ...