BaseFortify.eu
BaseFortify.eu Stay ahead of cybersecurity threats with BaseFortify.eu – your trusted platform for vulnerability management and CVE reports. Tailored solutions for SMBs and enterprises. #CyberSecurity #VulnerabilityManagement #Exploit #CVE #InfoSec
🚀 New video: Getting Started 01 — Add Assets & Review Threats

BaseFortify is an agentless vulnerability & risk platform that turns CVEs into a prioritized queue. Add assets, see KEV/EPSS matches and track. Includes A.I. Assistance + status workflow

Watch: youtu.be/VDai8Ts5Jz8

#CyberSecurity #CVE
🚨 CVE-2025-12779 β€” Amazon WorkSpaces (CVSS 8.8)
Auth tokens may leak to other local users on shared Linux systems. Upgrade to 2025.0+ to prevent session hijacking ⚠️

basefortify.eu/cve_reports/...

#CVE #Amazon #Workspace #TokenLeak #PatchNow
🚨 CVE-2025-45378 β€” Dell CloudLink (CVSS 9.1)
Privileged users can break out of restricted shell and escalate to full system access via SSH. Patch ASAP to prevent takeover ⚠️

basefortify.eu/cve_reports/...

#CVE #Dell #PrivilegeEscalation #CloudSecurity #PatchNow
🚨 CVE-2025-63601 β€” Snipe-IT (CVSS 9.9)
Authenticated users can upload malicious backups and run system commands. Update to 8.3.3+ to fix remote code execution ⚠️

basefortify.eu/cve_reports/...

#CVE #SnipeIT #RCE #OpenSource #CyberSecurity
🕵️‍♂️ BadCandy drops a Lua web shell via Cisco's Web UI vuln, CVE-2023-20198, letting attackers create admin users ⚙️ It's non-persistent but reinfections remain high through stolen creds.

📎 [Read more in post 1]

#vulnerabilities #Cisco #networksecurity
🚨 New blog post: Over 14,000 Cisco routers are still infected with the BadCandy backdoor. Attackers are exploiting CVE-2023-20198 to gain full control πŸ› οΈ

πŸ”— basefortify.eu/posts/2025/1...

#cybersecurity #CVE202320198 #infosec
🚨 CVE-2025-62225 β€” Sony Optical Disc Archive (CVSS 8.4)
Unquoted service path lets local users run code as SYSTEM. Update your Sony archive software now to prevent escalation.

πŸ”— basefortify.eu/cve_reports/...

#CVE #Sony #PrivilegeEscalation #CyberSecurity
🔥 CVE-2025-64109 — Cursor AI Code Editor (CVSS 8.8)
Malicious MCP config triggers remote code execution when cloning a repo. Fixed in 2025.09.17-25b418f — update now.

🔗 basefortify.eu/cve_reports/...

#CVE #Cursor #RCE #SupplyChainSecurity
🛑 CVE-2025-64151 — Roboticsware Products (CVSS 8.4)
Unquoted Windows service path lets attackers gain SYSTEM privileges. Patch Roboticsware BA-Panel6 and related tools.

🔗 basefortify.eu/cve_reports/...

#CVE #Roboticsware #PrivilegeEscalation #Infosec
🎨 CVE-2025-10920 β€” GIMP ⚑
Malformed ICNS files can trigger out-of-bounds writes and remote code execution (CVSS 7.8). Avoid opening untrusted files until patched. 🚨

πŸ”— basefortify.eu/cve_reports/...

#CVE #GIMP #Linux #RCE #CyberSecurity #PatchNow
🧰 CVE-2025-64131 β€” Jenkins SAML Plugin ⚑
Replay attack flaw (CVSS 7.5) allows attackers to impersonate users via captured authentication tokens. Update or disable SAML Plugin ≀4.583. πŸ”’

πŸ”— basefortify.eu/cve_reports/...

#CVE #Jenkins #DevSecOps #CyberSecurity #PatchNow
🌐 CVE-2025-62229 β€” X.Org Xwayland ⚑
Use-after-free in Present extension can crash or lead to code execution (CVSS 7.3). Update to the latest X.Org Server or distro patch. 🧩

πŸ”— basefortify.eu/cve_reports/...

#CVE #Xorg #Linux #CyberSecurity #PatchNow
Notice: CVE-2025-11447 in GitLab CE/EE allows unauthenticated GraphQL DoS via crafted JSON; fixed in 18.3.5, 18.4.3, 18.5.1. Update today 🛠️

basefortify.eu/cve_reports/...

#CVE #GitLab #DevSecOps #DoS #PatchNow #BaseFortify
Heads up: CVE-2025-12220 — BusyBox 1.31.1 carries multiple known vulns used across routers and IoT stacks; update builds and vendors still bundling it. 🔧

basefortify.eu/cve_reports/...

#CVE #BusyBox #IoTSecurity #Linux #PatchNow #BaseFortify
🚨 Critical: CVE-2025-12275 in Azure Access Terminal (BLU-IC2/BLU-IC4) enables mail config tampering and command execution; versions through 1.19.5 affected. Patch now ⚠️

basefortify.eu/cve_reports/...

#CVE #Security #Azure #OT #PatchNow #BaseFortify
⚠️ Active exploitation confirmed β€” NCSC and Digital Trust Center report attacks targeting WSUS servers (CVE-2025-59287).
Protect your systems and get tailored threat insights with BaseFortify.

Join now πŸ‘‰ basefortify.eu/register
#Infosec #PatchNow #BaseFortify
🚨 NCSC warns: A critical flaw in Microsoft WSUS (CVE-2025-59287) is being actively exploited. Microsoft has issued an emergency patch β€” apply it immediately. ⚠️

πŸ”— Read more:
basefortify.eu/posts/2025/1...

#CyberAlert #WindowsServer #Infosec #PatchNow #Cybersecurity #NCSC #VulnerabilityManagement
💬 CVE-2025-62820 — Slack Nebula
A CIDR handling flaw (CVSS 4.9) allows arbitrary IPs inside Nebula networks — reducing trust boundaries. Update to 1.9.7+ today! 🚨

🔗 basefortify.eu/cve_reports/...

#CVE #Slack #Nebula #CyberSecurity #NetworkSecurity
CVE-2025-11575 — MongoDB Atlas SQL ODBC Driver ⚡
Incorrect default permissions (CVSS 8.8) let attackers escalate privileges on Windows systems. Update your drivers now! 🔒

🔗 basefortify.eu/cve_reports/...

#CVE #MongoDB #CyberSecurity #PrivilegeEscalation #PatchNow
🌍 CVE-2025-57870 β€” Esri ArcGIS Server 🚨
A critical SQL Injection flaw (CVSS 10.0) lets unauthenticated attackers run arbitrary SQL commands! Data theft or deletion possible β€” patch fast! πŸš€

πŸ”— basefortify.eu/cve_reports/...

#CVE #Esri #ArcGIS #CyberSecurity #SQLInjection
💾 CVE-2025-11949 — Digiwin EasyFlow
A missing authentication flaw (CVSS 8.7) allows attackers to grab DB admin credentials remotely. Business-critical exposure — update and rotate passwords now! 🧱

🔗 basefortify.eu/cve_reports/...

#CVE #Digiwin #CyberSecurity #DataProtection
CVE-2025-12004 — MediaWiki Lockdown Extension
A critical permission flaw (CVSS 10.0) lets attackers bypass access controls in MediaWiki. This could lead to full privilege abuse and data exposure. Patch immediately! ⚠️

🔗 basefortify.eu/cve_reports/...

#CVE #MediaWiki #OpenSource #CyberSecurity
💾 CVE-2025-62577 — Fujitsu ETERNUS SF ⚙️
Incorrect permissions may leak DB credentials and lead to admin-level command execution 🧩
Secure your storage infrastructure today! 🛡️

🔗 basefortify.eu/cve_reports/...

#CVE #Fujitsu #ETERNUS #DataSecurity #CyberSecurity #PatchNow