CERT-EU, CERT for the EU institutions, bodies, and agencies.
What has kept us busy in the past year? What did we, together with the IICB, achieve? But also: what are the challenges that are currently right in front of us? 🧐
Answers to these questions, and to many more you might have, can be found in the Annual Report of the IICB (Interinstitutional Cybersecurity Board). Have a read! 👇
https://www.cert.europa.eu/blog/first-year-in-the-bag-many-more-to-come
Only 2 weeks left to submit your talk for the Technical Track at CERT-EU's Annual Conference. Send your proposal by 28 April and take part in our Flagship Event, this year’s theme Never Gonna Breach You Up.
Follow the link
https://www.cert.europa.eu/conference/never-gonna-breach-you-up/announcement
to submit your participation and help make "Never Gonna Breach You Up" an exceptional edition.
Critical Vulnerability in Ivanti Products (CERT-EU Security Advisory 2025-016)
On April 4, 2025, Ivanti released a security advisory regarding a critical vulnerability affecting their products. The vulnerability is known to be exploited in the wild. The vulnerability has been fixed in the February 2025 release and was initially identified as a product bug.
CERT-EU recommends upgrading to a supported and fixed version of Ivanti products as soon as possible. CERT-EU also recommends reviewing forensic evidence to detect any signs of exploitation.
https://www.cert.europa.eu/publications/security-advisories/2025-016/
Critical vulnerability in CrushFTP (CERT-EU Security Advisory 2025-015)
In April 2025, information about an easy-to-exploit critical vulnerability affecting CrushFTP was made public. It is recommended updating affected server as soon as possible.
Proof of concepts are available, and the vulnerability is being exploited in the wild.
https://www.cert.europa.eu/publications/security-advisories/2025-015/
Critical Vulnerability in Apache Tomcat (CERT-EU Security Advisory 2025-014)
On March 10, 2025, Apache released a security advisory regarding a critical vulnerability affecting the Apache Tomcat product.
It is recommended updating the affected assets to a fixed version of Apache Tomcat.
https://www.cert.europa.eu/publications/security-advisories/2025-014/
Don't miss your chance to contribute to CERT-EU's Annual Conference 2025! The Conference will take place in Brussels on 2-3 October, and our Call for Proposals for the Technical Track is still open until April 28th. Share your insights and expertise and help make "Never Gonna Breach You Up" an exceptional edition. Submit now: https://cert.europa.eu/conference/never-gonna-breach-you-up/announcement #CyberSecurity #CERTEU #Conference #CallForProposals
Critical Vulnerabilities in Gitlab (CERT-EU Security Advisory 2025-011)
On March 13, 2025, GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), addressing nine vulnerabilities, including two critical severity flaws in the "ruby-saml" library used for SAML Single Sign-On (SSO) authentication.
It is recommended updating affected assets as soon as possible.
https://www.cert.europa.eu/publications/security-advisories/2025-011/
Critical Vulnerability in Cisco IOS XR Software (CERT-EU Security Advisory 2025-010)
On March 13, 2025, CISCO released an advisory regarding a critical vulnerability identified in Cisco’s IOS XR Software.
It is recommended updating affected assets as soon as possible.
https://www.cert.europa.eu/publications/security-advisories/2025-010/
Critical Vulnerabilities in Windows Remote Desktop Services (CERT-EU Security Advisory 2025-009)
On March 13, Microsoft has released its March security update, addressing 57 vulnerabilities across its product range, including six critical flaws. Among the critical vulnerabilities are CVE-2025-24035 and CVE-2025-24045, both Remote Code Execution (RCE) vulnerabilities in Windows Remote Desktop Services (RDS). Each vulnerability has been assigned a CVSSv3 score of 8.1 and is rated as critical.
It is recommended updating affected assets as soon as possible.
https://www.cert.europa.eu/publications/security-advisories/2025-009/
High Vulnerabilities in Fortinet Products (CERT-EU Security Advisory 2025-008)
On March 11, 2025, Fortinet released several security advisories addressing 18 vulnerabilities ranging from low to high severity.
It is recommended updating as soon as possible.
https://www.cert.europa.eu/publications/security-advisories/2025-008/
Exciting news! CERT-EU's Annual Conference is back in 2025!
This year's theme: "Never Gonna Breach You Up" – a call to action to better navigate, together, the multipolar, highly volatile world we live in.
Submit your proposal for the Technical Track by 28 April and help us spread the word:
https://cert.europa.eu/conference/never-gonna-breach-you-up/announcement
#CERTEU #CyberSecurity #Conference #CallForProposals
Critical Vulnerability in Kibana (CERT-EU Security Advisory 2025-007)
On 5 March 2025, Elastic released a security update addressing a critical vulnerability in Kibana, identified as CVE-2025-25012 with a CVSS score of 9.9.
This flaw could allow an attacker to execute arbitrary code on the server. It is strongly recommended to update vulnerable Kibana instances.
https://www.cert.europa.eu/publications/security-advisories/2025-007/
Critical Vulnerabilities in Mattermost (CERT-EU Security Advisory 2025-006)
On 23 January 2025, Mattermost used advisories for several vulnerabilities, including three critical severity flaws affecting the Board plugin. If exploited, these vulnerabilities could allow an authenticated attacker to read any file on the server, or read data directly from the database.
It is recommended to check for potential abuse, and to update vulnerable Mattermost instances.
https://www.cert.europa.eu/publications/security-advisories/2025-006/
Several Vulnerabilities in VMware Products (CERT-EU Security Advisory 2025-005)
On March 4, 2025, Broadcom issued an advisory regarding multiple vulnerabilities in VMware products. An attacker with access to a virtual machine could escape it to execute code on the host. Those vulnerabilities are being exploited in the wild.
It is recommended applying update as soon as possible.
https://www.cert.europa.eu/publications/security-advisories/2025-005/
Critical Vulnerabilities in Fortinet Products (CERT-EU Security Advisory 2025-003)
On January 14, Fortinet released and updated several security advisories addressing multiple vulnerabilities ranging from low to critical severity. At least one critical vulnerability is known to be exploited in the wild.
It recommended updating as soon as possible, and if not possible, at least applying mitigations.
https://www.cert.europa.eu/publications/security-advisories/2025-003/
Multiple Vulnerabilities in Microsoft Products (CERT-EU Security Advisory 2025-002)
On January 14, Microsoft has released its January 2025 Patch Tuesday updates, addressing a total of 159 security vulnerabilities across various products. The patches include fixes for critical and important-severity issues that could allow attackers to gain unauthorised access, execute arbitrary code, or elevate privileges. Three vulnerabilities were already being exploited in attacks.
https://www.cert.europa.eu/publications/security-advisories/2025-002/
UPDATE: Critical Vulnerabilities in Ivanti Products (CERT-EU Security Advisory 2025-001)
On January 8, 2025, Ivanti announced the release of two critical vulnerabilities affecting their products Ivanti Connect Secure and Ivanti Policy Secure and Ivanti Neurons for ZTA gateways. These vulnerabilities could lead to remote code execution and privilege escalation.
[New] Ivanti's security advisory indicates that CVE-2025-0282 was being exploited on a limited number of Ivanti Connect Secure appliances at the time of disclosure.
It is strongly recommended updating affected devices as soon as possible.
https://www.cert.europa.eu/publications/security-advisories/2025-001/
UPDATE: Critical Vulnerabilities in Ivanti Products (CERT-EU Security Advisory 2025-001)
On January 8, 2025, Ivanti announced the release of two critical vulnerabilities affecting their products Ivanti Connect Secure and Ivanti Policy Secure and Ivanti Neurons for ZTA gateways. These vulnerabilities could lead to remote code execution and privilege escalation.
It is strongly recommended updating affected devices as soon as possible.
https://www.cert.europa.eu/publications/security-advisories/2025-001/
Critical Vulnerabilities in Ivanti Products (CERT-EU Security Advisory 2025-001)
On January 8, 2025, Ivanti announced the release of two critical vulnerabilities affecting their products Ivanti Connect Secure and Ivanti Policy Secure and Ivanti Neurons for ZTA gateways. These vulnerabilities could lead to remote code execution and privilege escalation.
It is strongly recommended updating affected devices as soon as possible.
https://www.cert.europa.eu/publications/security-advisories/2025-001/
Critical Vulnerability in 7-Zip (CERT-EU Security Advisory 2024-118)
A severe security vulnerability has been discovered in 7-Zip, the popular file compression utility, allowing remote attackers to execute malicious code through specially crafted archives. The vulnerability tracked as CVE-2024-11477 has received a high CVSS score of 7.8.
https://www.cert.europa.eu/publications/security-advisories/2024-118/