81 matches found
IGEL OS < 11.0.0 Secure Boot bypass (CVE-2025-47827)
The version of IGEL OS running on the remote host is prior to version 11. It is, therefore, affected by a cryptographic signature verification vulnerability in the igel-flash-driver module. An attacker could exploit this flaw to bypass Secure Boot protections. By leveraging the improper...
IGEL OS Detection
Binary data igelosdetect.nbin...
📄 IGEL OS Workspace Edition 11.10.430 Privilege Escalation
IGEL OS Workspace Edition version 11.10.430 suffers from a privilege escalation vulnerability. This vulnerability demonstrates how architectural trust in custom configuration frameworks can be abused to establish long-term persistence, even on systems designed to be non-persistent and hardened by...
📄 IGEL OS Workspace Edition 11.10.430 Persistent Payload
IGEL OS Workspace Edition version 11.10.430 contains a persistence mechanism that allows authenticated attackers with root access to establish persistent code execution through the system's registry configuration. The vulnerability leverages IGEL OS's custom registry system and mount point...
IGEL OS UMS Discovery Service Detection
Binary data igelosumsdiscoveryservicedetect.nbin...
Metasploit Wrap-Up 11/28/2025
This week, we have added 10 new modules to Metasploit Framework including an SMB to MSSQL relay module, a remote code execution module targeting Fortinet software, additional 32-bit and 64-bit RISC-V payloads, and more. The SMB to MSSQL NTLM relay module allows users to open MSSQL sessions and ru...
IGEL OS Dump File
Dump a file with escalated privileges for IGEL OS Workspace Edition sessions, by elevating rights with setupcmd SUID and outputting with date. Module Options msf use post/linux/gather/igeldumpfile msf postigeldumpfile show actions ...actions... msf postigeldumpfile set ACTION msf postigeldumpfile...
IGEL OS Persistent Payload
Gain persistence for specified payload on IGEL OS Workspace Edition, by writing a payload to disk or base64-encoding and executing from registry. Module Options msf use exploit/linux/persistence/igelpersistence msf exploitigelpersistence show targets ...targets... msf exploitigelpersistence set...
IGEL OS Privilege Escalation (via systemd service)
Escalate privileges for IGEL OS Workspace Edition sessions, by modifying network-manager.service using setupcmd SUID and network, then restarting the service. Module Options msf use exploit/linux/local/igelnetworkprivesc msf exploitigelnetworkprivesc show targets ...targets... msf...
📄 IGEL OS Privilege Escalation
This Metasploit module escalates privileges for IGEL OS Workspace Edition sessions by modifying network-manager.service using setupcmd SUID and network and then restarting the service. This module requires Metasploit: https://metasploit.com/download Current source:...
IGEL OS Persistent Payload
This Metasploit module provides persistence for IGEL OS Workspace Edition for a specified payload. It writes a payload to disk or base64-encodes it and executes from the registry...
CISA Adds Five Known Exploited Vulnerabilities to Catalog
Updated October 22, 2025 CISA is continually collaborating with partners across government and the private sector. Through this collaboration, CISA has determined that CVE-2025-6264 has not been exploited and there is insufficient evidence to keep this CVE on the KEV and that the best course of...
Microsoft Patch Tuesday for October 2025 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for October 2025, addressing 175 Microsoft CVEs and 21 non-Microsoft CVEs. Among these, 17 vulnerabilities are considered critical and 11 are flagged as important and considered more likely to be exploited. Current intelligence shows that three o...
MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image. MITRE created this CVE on their behalf. The documented Windows updates...
VulnCheck KEV: CVE-2025-47827
In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image...
KB5066586: Windows 10 version 1809 / Windows Server 2019 Security Update (October 2025)
The remote Windows host is missing security update 5066586. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...
KB5066791: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (October 2025)
The remote Windows host is missing security update 5066791. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...
KB5066837: Windows 10 LTS 1507 Security Update (October 2025)
The remote Windows host is missing security update 5066837. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...
IGEL OS Use of a Key Past its Expiration Date Vulnerability
IGEL OS contains a use of a key past its expiration date vulnerability that allows for Secure Boot bypass. The igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image...
KB5066780: Windows Server version 23H2 Security Update (October 2025)
The remote Windows host is missing security update 5066780. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...