Summary

Broadcom has released a security bulletin, VMSA-2025-0004, addressing and remediating three vulnerabilities that, if exploited, could lead to system compromise. Products affected include vCenter Server, vRealize Operations Manager, and vCloud Director.

Threat Topography

• Threat Type: Critical Vulnerabilities
• Industry: Virtualization
• Geolocation: Global

Overview

X-Force Incident Command is monitoring activity surrounding Broadcom’s Security Bulletin (VMSA-2025-0004) for three potentially critical vulnerabilities in VMware products. These vulnerabilities, identified as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, have reportedly been exploited in attacks. X-Force has not been able to validate those claims. The vulnerabilities affect various VMware products, including vCenter Server, vRealize Operations Manager, and vCloud Director.

These vulnerabilities could allow attackers to launch various types of nefarious actions, potentially leading to data breaches, system compromise, and unauthorized access. Broadcom has patched the vulnerabilities with a new version of the affected products, urging users to update their systems as soon as possible.

Recommendations

Organizations using VMware products are advised to:

1. Immediately patch their systems with the latest version of the affected products.

2. Monitor system logs for any signs of suspicious activity.

3. Implement additional security measures, such as network segmentation and access controls.

References

1. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

2. https://www.bleepingcomputer.com/news/security/broadcom-fixes-three-vmware-zero-days-exploited-in-attacks/

3. https://thehackernews.com/2025/03/vmware-security-flaws-exploited-in.html

The post FYSA — VMware Critical Vulnerabilities Patched appeared first on Security Intelligence.

Summary

Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure.

Threat Topography

• Threat Type: Arbitrary File System Read
• Industries Impacted: Technology, Software, and Web Development
• Geolocation: Global
• Environment Impact: Web servers running ColdFusion 2021 and 2023 are vulnerable

Overview

X-Force Incident Command is monitoring the disclosure of an arbitrary file system read vulnerability in ColdFusion, a web application server, that can be exploited by an attacker to read arbitrary files on the system. The vulnerability, identified as CVE-2024-53961, affects ColdFusion 2021 and 2023. Adobe has provided a patch to address the issue. Adobe has also disclosed that proof of concept exploit code has been published for this vulnerability, making it crucial for organizations to prioritize patching to mitigate the risk of unauthorized access and data exposure. Exploitation has not yet been detected in the wild.

X-Force Incident Command recommends that organizations using ColdFusion review the Adobe bulleting and prioritize patching if running vulnerable versions of the software. Additionally, they should also consider implementing access controls and authentication mechanisms to limit unauthorized access to sensitive data.

X-Force Incident Command will continue to monitor this situation and provide updates as available.

Key Findings

• The vulnerability, CVE-2024-53961, affects ColdFusion 2021 and 2023.
• The vulnerability can be exploited to read arbitrary files on the system.
• Adobe has provided a patch to address the issue.
• The vulnerability can potentially lead to unauthorized access and data exposure.

Mitigations/Recommendations

• Apply the patch provided by Adobe as soon as possible.
• Implement access controls and authentication mechanisms to limit unauthorized access to sensitive data.
• Monitor systems for any signs of exploitation.
• Prioritize patching and vulnerability remediation to mitigate the risk of exploitation.
• Consider implementing file system monitoring and logging to detect and prevent unauthorized file access.

References

• https://helpx.adobe.com/security/products/coldfusion/apsb24-107.html
• https://www.bleepingcomputer.com/news/security/adobe-warns-of-critical-coldfusion-bug-with-poc-exploit-code/

The post FYSA – Adobe Cold Fusion Path Traversal Vulnerability appeared first on Security Intelligence.