remote attacker – Experimental News Clipping Site

Bulletins: Vulnerability Summary for the Week of August 25, 2025

Sep 2, 2025

—

by

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-245 Source: Bulletins Title: Vulnerability Summary for the Week of August 25, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000projects–Online Project Report Submission and Evaluation System A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown…

Embrace The Red: AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection

Aug 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/aws-kiro-aribtrary-command-execution-with-indirect-prompt-injection/ Source: Embrace The Red Title: AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection Feedly Summary: On the day AWS Kiro was released, I couldn’t resist putting it through some of my Month of AI Bugs security tests for coding agents. AWS Kiro was vulnerable to arbitrary command execution via indirect prompt…

The Register: Cisco’s Secure Firewall Management Center now not-so secure, springs a CVSS 10 RCE hole

Aug 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/15/cisco_secure_firewall_management_bug/ Source: The Register Title: Cisco’s Secure Firewall Management Center now not-so secure, springs a CVSS 10 RCE hole Feedly Summary: Switchzilla’s summer of perfect 10s Cisco has issued a patch for a maximum-severity bug in its Secure Firewall Management Center (FMC) software that could allow an unauthenticated, remote attacker to inject arbitrary…

The Register: Watch out, another max-severity, make-me-root Cisco bug on the loose

Jul 17, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/07/17/critical_cisco_bug/ Source: The Register Title: Watch out, another max-severity, make-me-root Cisco bug on the loose Feedly Summary: Three perfect 10s in the last month – ISE, ISE, baby Cisco has issued a patch for a critical 10 out of 10 severity bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector…

Tag: remote attacker

Bulletins: Vulnerability Summary for the Week of August 25, 2025

Embrace The Red: AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection

The Register: Cisco’s Secure Firewall Management Center now not-so secure, springs a CVSS 10 RCE hole

The Register: Watch out, another max-severity, make-me-root Cisco bug on the loose