CISA says a maximum severity vulnerability in AMI's MegaRAC Baseboard Management Controller (BMC) software, which enables attackers to hijack and brick servers, is currently under active exploitation.
CISA has confirmed that a maximum severity vulnerability in AMI's MegaRAC Baseboard Management Controller (BMC) software is now actively exploited in attacks.

The MegaRAC BMC firmware provides remote system management capabilities for troubleshooting servers without being physically present, and it's used by several vendors (including HPE, Asus, and ASRock) that supply equipment to cloud service providers and data centers.

This authentication bypass security flaw (tracked as CVE-2024-54085) can be exploited by remote unauthenticated attackers in low-complexity attacks that don't require user interaction to hijack and potentially brick unpatched servers.

Critical vulnerabilities in Versa Concerto that are still unpatched could allow remote attackers to bypass authentication and execute arbitrary code on affected systems.
Three security issues, two of them critical, were publicly disclosed by researchers at the vulnerability management firm ProjectDiscovery after reporting them to the vendor and receiving no confirmation of the bugs being addressed.

Versa Concerto is the centralized management and orchestration platform for Versa Networks' SD-WAN and SASE (Secure Access Service Edge) solutions.
Three security issues, two of them critical, were publicly disclosed by researchers at the vulnerability management firm ProjectDiscovery after reporting them to the vendor and receiving no confirmation of the bugs being addressed.

Versa Concerto is the centralized management and orchestration platform for Versa Networks' SD-WAN and SASE (Secure Access Service Edge) solutions.

​Ivanti has released security updates for its Neurons for ITSM IT service management solution that mitigate a critical authentication bypass vulnerability.

Tracked as CVE-2025-22462, the security flaw can let unauthenticated attackers gain administrative access to unpatched systems in low-complexity attacks, depending on system configuration.

As the company highlighted in a security advisory released today, organizations that followed its guidance are less exposed to attacks.

"Customers who have followed Ivanti's guidance on securing the IIS website and restricted access to a limited number of IP addresses and domain names have a reduced risk to their environment," Ivanti said.

"Customers who have users log into the solution from outside their company network also have a reduced risk to their environment if they ensure that the solution is configured with a DMZ."

Ivanti added that CVE-2025-22462 only impacts on-premises instances running versions 2023.4, 2024.2, 2024.3, and earlier, and said that it found no evidence that the vulnerability is being exploited to target customers.

Product Name Affected Version(s) Resolved Version(s)
Ivanti Neurons for ITSM (on-prem only) 2023.4, 2024.2, and 2024.3 2023.4 May 2025 Security Patch
2024.2 May 2025 Security Patch
2024.3 May 2025 Security Patch
The company also urged customers today to patch a default credentials security flaw (CVE-2025-22460) in its Cloud Services Appliance (CSA) that can let local authenticated attackers escalate privileges on vulnerable systems.

While this vulnerability isn't exploited in the wild either, Ivanti warned that the patch won't be applied correctly after installing today's security updates and asked admins to reinstall from scratch or use these mitigation steps to ensure their network is protected from potential attacks.

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers.

Fortinet has disclosed a second authentication bypass vulnerability that was fixed as part of a January 2025 update for FortiOS and FortiProxy devices.

SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks.

SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system.

The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.

Today, Ivanti warned of a new authentication bypass vulnerability impacting Connect Secure, Policy Secure, and ZTA gateways, urging admins to secure their appliances immediately.

Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware.

CVE-2023-42793 is a critical authentication bypass published on September 19, 2023 that affects on-premises instances of JetBrains TeamCity, a CI/CD server. Th…

US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild.