17 matches found

RedhatCVE
added 2025/12/11 4:3 p.m. | 1 view

CVE-2025-34395

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...

8.7 CVSS | 8.1 AI score | 0.00107 EPSS
Exploits: 0 | References: 1

OSV
added 2025/12/10 4:16 p.m. | 1 view

CVE-2025-34395

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...

7.5 CVSS | 6.4 AI score
Exploits: 0 | References: 3

NVD
added 2025/12/10 4:16 p.m. | 2 views

CVE-2025-34395

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...

8.7 CVSS | 0.00107 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2025/12/10 3:45 p.m. | 1 view

CVE-2025-34395 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Path Traversal RCE

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...

8.7 CVSS | 7.8 AI score | 0.00107 EPSS
Exploits: 0 | References: 3

Positive Technologies
added 2025/12/10 12:0 a.m. | 2 views

PT-2025-50338

Name of the Vulnerable Software and Affected Versions: Barracuda Service Center versions prior to 2025.1.1. Description: The Barracuda Service Center, as part of the RMM solution, has a .NET Remoting service exposed that allows an unauthenticated attacker to invoke a method susceptible to path...

8.7 CVSS | 8 AI score | 0.00107 EPSS
Exploits: 0 | References: 7

The Hacker News
added 2025/09/05 4:8 p.m. | 7 views

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-53690, carries a CVSS score of 9.0 ou...

9.8 CVSS | 10 AI score | 0.85362 EPSS
Exploits: 9

CISA KEV Catalog
added 2025/09/04 12:0 a.m. | 12 views

Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability

Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud contain a deserialization of untrusted data vulnerability involving the use of default machine keys. This flaw allows attackers to exploit exposed ASP.NET machine keys to achieve remote code executio...

9 CVSS | 8.1 AI score | 0.05153 EPSS
In wild | Exploits: 3

GithubExploit
added 2025/07/24 4:19 p.m. | 85 views

Exploit for Deserialization of Untrusted Data in Microsoft

SharePoint "ToolShell" RCE Exploit CVE-2025-53770 Overvi...

9.8 CVSS | 9.3 AI score | 0.88536 EPSS
Exploits: 41

NCSC
added 2025/07/23 3:31 p.m. | 8 views

Zero-day vulnerabilities discovered in Microsoft SharePoint Server

Microsoft has released information about actively exploited zero-day vulnerabilities in on-premises versions of Microsoft SharePoint Server. SharePoint Online (part of Microsoft 365) has not been affected. The zero-day vulnerabilities, marked CVE-2025-53770 and CVE-2025-53771, allow a malicious perso...

9.8 CVSS | 7.6 AI score | 0.88536 EPSS
Exploits: 41 | References: 4

The Hacker News
added 2025/07/09 4:26 p.m. | 6 views

Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets

The Initial Access Broker (IAB) known as Gold Melody has been attributed to a campaign that exploits leaked ASP.NET machine keys to obtain unauthorized access to organizations and peddle that access to other threat actors. The activity is being tracked by Palo Alto Networks Unit 42 under the monike...

8.6 AI score
Exploits: 0

CISA KEV Catalog
added 2025/06/02 12:0 a.m. | 10 views

ConnectWise ScreenConnect Improper Authentication Vulnerability

ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised...

8.1 CVSS | 9.7 AI score | 0.12032 EPSS
In wild | Exploits: 0

VulnCheck KEV
added 2025/05/30 12:0 a.m. | 1 view

VulnCheck KEV: CVE-2025-3935

ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised...

8.1 CVSS | 7.9 AI score | 0.12032 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2025/05/30 12:0 a.m. | 10 views

ConnectWise ScreenConnect < 25.2.4 RCE

According to its version, the ConnectWise ScreenConnect remote access software installed on the remote host is prior to 25.2.4. It is, therefore, affected by a remote code execution vulnerability: - ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection...

8.1 CVSS | 9.4 AI score | 0.12032 EPSS
Exploits: 0 | References: 2

RedhatCVE
added 2025/04/27 7:11 p.m. | 15 views

CVE-2025-3935

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...

8.1 CVSS | 8 AI score | 0.12032 EPSS
Exploits: 0 | References: 1

OSV
added 2025/04/25 7:15 p.m. | 1 view

CVE-2025-3935

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...

7.2 CVSS | 6.3 AI score | 0.12032 EPSS
Exploits: 0 | References: 3

CVE
added 2025/04/25 6:27 p.m. | 295 views

CVE-2025-3935

CVE-2025-3935 affects ScreenConnect 25.2.3 and earlier, where ViewState code injection can enable remote code execution if machine keys are compromised. The vulnerability stems from platform-level ViewState handling in ASP.NET Web Forms rather than a ScreenConnect flaw. ScreenConnect 2025.4 patch...

8.1 CVSS | 8.5 AI score | 0.12032 EPSS
In wild | Exploits: 0 | References: 3 | Affected Software: 1

The Hacker News
added 2025/02/07 11:1 a.m. | 22 views

Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks

Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible resources, thereby putting their applications in attackers' pathway. The tech giant's threat intelligence team said it observed limited...

8.8 AI score
Exploits: 0