This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2025-29812.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-1045.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-1047.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-1046.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S24. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-49413.
This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Samsung Galaxy S24. An attacker must first obtain the ability to perform activities on the target device. The ZDI has assigned a CVSS rating of 5.9. The following CVEs are assigned: CVE-2024-49421.
This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Samsung Galaxy S24. An attacker must first obtain the ability to perform activities on the target device. The ZDI has assigned a CVSS rating of 5.3.
This vulnerability allows local attackers to escalate privileges on affected installations of Samsung Galaxy S24. An attacker must first obtain the ability to execute low-privileged script on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3. The following CVEs are assigned: CVE-2024-49420.
What is the Vulnerability?FortiGuard Labs has observed in-the-wild attack attempts targeting CVE-2025-31161, an authentication bypass vulnerability in CrushFTP managed file transfer (MFT) software. Successful exploitation may grant attackers administrative access to the application, posing a serious threat to enterprise environments.The vulnerability is remotely exploitable, and a proof-of-concept (PoC) exploit is now publicly available. This increases the risk of rapid adoption by threat actors, including ransomware groups who have historically targeted MFT platforms like MOVEit Transfer and Cleo MFT.According to the Shadowserver Foundation, approximately 1,800 unpatched, internet-exposed CrushFTP instances remain vulnerable globally, heightening the urgency for immediate mitigation.What is the recommended Mitigation?FortiGuard Labs recommends users to apply the fix provided by the vendor and follow any instructions as mentioned on the vendor`s advisory. Limit internet exposure of MFT services wherever possible, or use CrushFTP DMZ function, and further monitor for suspicious activity or unauthorized access attempts.Affected versions include 10.0.0 to 10.8.3 and 11.0.0 to 11.3.0. Users should immediately patch to 10.8.4 or 11.3.1 and later. https://www.crushftp.com/crush11wiki/Wiki.jsp?page=UpdateWhat FortiGuard Coverage is available? FortiGuard Labs has available IPS protection for CVE-2025-31161 which detects and block attack attempts targeting CrushFTP Authentication Bypass vulnerability.FortiGuard Labs has blocked all the known Indicators of Compromise (IOCs) linked to the campaigns targeting the CrushFTP vulnerability (CVE-2025-31161).The FortiGuard Incident Response team can be engaged to help with any suspected compromise.
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
