
U.S. CISA adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog


U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities (KEV) catalog.

Below are the descriptions for these flaws:

In September 2014, the IT community worldwide was shaken by the disclosure of the Bash Bug (Shellshock) flaw, CVE-2014-6271, a vulnerability that had been present in the popular Bash shell for over two decades. The root cause was that Bash turned any environment variable whose value began with "() {" into a function definition when it started, and kept parsing, and executing, whatever followed the function body.

While the principal vendors were working to provide the necessary patches for vulnerable Linux and Unix systems, the researcher Michal Zalewski found two additional bugs in the Bourne Again Shell.

One of the two bugs, tracked as CVE-2014-6278, could, like the original Bash Bug vulnerability (CVE-2014-6271), be exploited for remote arbitrary code execution. Experts explained that it exists because the fixes for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277 were incomplete: the hurried first patches stopped the obvious trailing-command trick but left the parser reachable through malformed function bodies. The lasting fix was to stop importing functions from arbitrary variables altogether and only accept them from specially prefixed (BASH_FUNC_) variables.
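The test strings that circulated for these bugs are still the quickest way to check a stray or vendored bash binary (an appliance, a container base image, a build host). The probe below is an added example, not code from the article: the CVE-2014-6271 and CVE-2014-6278 payloads are the publicly circulated test strings (the 6278 one from Michal Zalewski's write-up), while the probe labels, the "function-import" hardening check and the "vulnerable"/"patched"/"absent" result vocabulary are this example's own conventions.

```python
"""Probe a bash binary with the published Shellshock test strings.

Added example; this is not code from the article. The CVE-2014-6271 and
CVE-2014-6278 payloads are the publicly circulated test strings; the probe
labels, the "function-import" hardening check and the result vocabulary
("vulnerable" / "patched" / "absent") are this example's own conventions.
"""
import shutil
import subprocess

# (label, environment variable name, crafted value, command passed to bash -c).
# A vulnerable bash parses the crafted value as a function definition while
# importing its environment and runs the trailing or malformed part before
# the -c command even starts.
PROBES = [
    # Original bug: the command after the closing brace runs on import.
    ("CVE-2014-6271", "x", "() { :;}; echo vulnerable", "echo probe"),
    # Parser bug that survived the first fix: the second brace block runs.
    ("CVE-2014-6278", "X", "() { _; } >_[$($())] { echo vulnerable; }", ":"),
    # Hardening check: a fully patched bash imports functions only from
    # BASH_FUNC_-prefixed variables, so a plain variable named "foo" never
    # becomes a function and `bash -c foo` fails instead of printing.
    ("function-import", "foo", "() { echo vulnerable; }", "foo"),
]


def run_probe(bash_bin: str, var: str, value: str, command: str) -> str:
    """Run one command under bash with a single crafted variable in its environment."""
    env = {"PATH": "/usr/bin:/bin", var: value}  # minimal env: nothing else to parse
    result = subprocess.run(
        [bash_bin, "-c", command],
        env=env, capture_output=True, text=True, timeout=10, check=False,
    )
    return result.stdout


def shellshock_status(bash_bin: str = "bash") -> dict[str, str]:
    """Return {probe label: 'vulnerable' | 'patched'}; empty dict if bash is not found."""
    path = shutil.which(bash_bin)
    if path is None:
        return {}
    return {
        label: "vulnerable" if "vulnerable" in run_probe(path, var, value, cmd) else "patched"
        for label, var, value, cmd in PROBES
    }


def summary(bash_bin: str = "bash") -> str:
    """Collapse the per-probe results into one verdict for the binary."""
    status = shellshock_status(bash_bin)
    if not status:
        return "absent"
    return "vulnerable" if "vulnerable" in status.values() else "patched"


if __name__ == "__main__":
    import sys

    target = sys.argv[1] if len(sys.argv) > 1 else "bash"
    for label, verdict in shellshock_status(target).items():
        print(f"{label:16} {verdict}")
    print("overall:", summary(target))
```

Point it at the binary you actually care about (`python3 probe.py /opt/appliance/bin/bash`); on any current distribution bash every probe reports "patched". The third probe is the one worth keeping in a build-time check: it does not depend on a specific CVE's parser quirk, only on whether the binary still imports functions from arbitrarily named variables.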

The second flaw added to the KEV catalog, tracked as CVE-2015-7755, is an administrative-access backdoor in Juniper ScreenOS. Remote attackers could exploit the flaw to obtain administrative access by entering a specific hard-coded password during a (1) SSH or (2) Telnet session, regardless of the username supplied.

The third issue added to the catalog, tracked as CVE-2017-1000353, is an unauthenticated remote code execution vulnerability in Jenkins. An attacker could transfer a serialized Java SignedObject to the remoting-based Jenkins CLI; the CLI deserialized it with a new ObjectInputStream, so the object wrapped inside the SignedObject was never checked against the existing blacklist of dangerous classes. The lesson for anyone maintaining a deserialization filter is that a blacklist is bypassed by any wrapper class that deserializes its own payload; an allowlist of expected types is the only robust form.

“SignedObject has been added to the remoting blacklist.” reads the security advisory published by Jenkins.

CISA also added the vulnerability CVE-2025-4008 to the catalog. The issue is a command injection flaw in the web interface of Smartbedded Meteobridge weather-station gateways that allows remote, unauthenticated attackers to execute arbitrary commands as root.

The last issue added to the catalog impacts Samsung devices: an out-of-bounds write, tracked as CVE-2025-21043, in the image codec library libimagecodec.quram.so prior to SMR Sep-2025 Release 1. A remote attacker can exploit the flaw, through the processing of a crafted image, to execute arbitrary code.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix the vulnerabilities by October 23, 2025.
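The practical work behind "review the Catalog" is matching KEV entries against what you actually run and tracking the BOD 22-01 due dates. The script below is an added example, not code from the article or from CISA: the field names follow the public KEV JSON feed (cveID, vendorProject, product, dueDate, knownRansomwareCampaignUse), while the inventory format, the `dateAdded` values and the Samsung product string in the feed excerpt are constructed for the demo, and the CVE IDs and the October 23, 2025 due date come from the article.

```python
"""Cross-reference a CISA KEV feed excerpt against an asset inventory.

Added example, not code from the article. Field names follow the public KEV
JSON feed; the feed excerpt and the inventory below are constructed for the
demo (dateAdded values and the Samsung product string are assumed).
"""
import json
from datetime import date

# Constructed excerpt in the shape of the KEV feed. CVE IDs and the
# 2025-10-23 due date come from the article; dateAdded is assumed.
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {"cveID": "CVE-2014-6278", "vendorProject": "GNU", "product": "Bash",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2015-7755", "vendorProject": "Juniper", "product": "ScreenOS",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2017-1000353", "vendorProject": "Jenkins", "product": "Jenkins",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-4008", "vendorProject": "Smartbedded", "product": "Meteobridge",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-21043", "vendorProject": "Samsung", "product": "Mobile Devices",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "knownRansomwareCampaignUse": "Unknown"},
    ],
})

# Constructed inventory: vendor/product strings as an asset database records them.
INVENTORY = [
    {"host": "ci-01", "vendor": "Jenkins", "product": "Jenkins", "version": "2.56"},
    {"host": "fw-edge", "vendor": "Juniper", "product": "ScreenOS", "version": "6.3.0r17"},
    {"host": "web-legacy", "vendor": "GNU", "product": "bash", "version": "4.2"},
    {"host": "db-01", "vendor": "PostgreSQL", "product": "PostgreSQL", "version": "16"},
]


def load_kev(feed_json: str) -> list[dict]:
    """Parse the feed and normalise the fields this script keys on."""
    entries = []
    for v in json.loads(feed_json)["vulnerabilities"]:
        entries.append({
            "cve": v["cveID"],
            "vendor": v["vendorProject"].casefold(),
            "product": v["product"].casefold(),
            "due": date.fromisoformat(v["dueDate"]),
            "ransomware": v.get("knownRansomwareCampaignUse", "Unknown"),
        })
    return entries


def match_inventory(kev: list[dict], inventory: list[dict], today_iso: str) -> list[dict]:
    """One row per (asset, KEV entry) pair whose vendor and product match.

    The feed carries no affected-version ranges, so a match means "check this
    asset against the advisory", not "confirmed vulnerable". Rows are sorted so
    the nearest BOD 22-01 due date comes first.
    """
    today = date.fromisoformat(today_iso)
    rows = []
    for asset in inventory:
        for entry in kev:
            if (asset["vendor"].casefold() == entry["vendor"]
                    and asset["product"].casefold() == entry["product"]):
                rows.append({
                    "host": asset["host"],
                    "cve": entry["cve"],
                    "due": entry["due"].isoformat(),
                    "days_left": (entry["due"] - today).days,
                    "ransomware": entry["ransomware"],
                })
    return sorted(rows, key=lambda r: (r["due"], r["host"]))


def overdue(rows: list[dict]) -> list[str]:
    """Hosts that still carry a matched KEV entry past its due date."""
    return sorted({r["host"] for r in rows if r["days_left"] < 0})


if __name__ == "__main__":
    kev = load_kev(KEV_SAMPLE)
    for r in match_inventory(kev, INVENTORY, "2025-10-10"):
        print(f'{r["host"]:12} {r["cve"]:16} due {r["due"]} ({r["days_left"]:+d} d)')
    print("overdue on 2025-10-30:", overdue(match_inventory(kev, INVENTORY, "2025-10-30")))
```

Against the live feed, replace KEV_SAMPLE with the downloaded JSON and feed the inventory from your CMDB; the vendor/product match is deliberately loose (case-folded, no version logic) because KEV product strings rarely line up with CPE data, so treat the output as a review queue rather than a vulnerability report.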


Pierluigi Paganini

(SecurityAffairs – hacking, CISA)