PAN finally published their August advisory and they have some interesting ones. Remember that they use CVSS-BT to make their score "more accurate" (read: lower).
https://security.paloaltonetworks.com/
#patchTuesday
This round includes yet another LPE in GlobalProtect.
https://security.paloaltonetworks.com/CVE-2025-2183
Shared default creds across Cortex Broker VMs is a dumb one:
https://security.paloaltonetworks.com/CVE-2025-2184
Exposed CAKs is just fun to say because I'm 12:
https://security.paloaltonetworks.com/CVE-2025-2182
And a few others in there. Happy hacking.
Today's earworm.
https://www.youtube.com/watch?v=m4veL-eaN5g
@wall_e@ioc.exchange @wurzelmann@mastodon.wurzelmann.at Nah, it was cancelled.
@wall_e@ioc.exchange @wurzelmann@mastodon.wurzelmann.at Really though, it was last week.
Has it really been over a month now since we've had a sev:CRIT from Cisco?
knocks on wood
Here's a bunch of Netis Router things for those that might be interested.
https://github.com/Chinesexilinyu
cc: @Dio9sys@haunted.computer @da_667@infosec.exchange
#internetOfShit
sev:HIGH LPE in linux-pam.
https://access.redhat.com/security/cve/CVE-2025-8941
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
In true XKCD 927 fashion, Muddled Libra / UNC3944 / Scattered Spider / Lapsus$ / whatever new name the multi-billion dollar security companies are calling the kids these days is now going to be referred to as FEISTY CUMSTAIN.
#GAYINT #FURINT #threatIntel
F5 put out their quarterly advisory, including a KB for MadeYouReset.
https://my.f5.com/manage/s/article/K000152635
#patchTuesday
Check your HTTP/2 shit. Similar to the Rapid Reset vuln, this is another DoS in HTTP/2 they're calling Made You Reset.
https://www.imperva.com/blog/madeyoureset-turning-http-2-server-against-itself/
Patches in NGINX, Envoy, Apache, and HAProxy added thresholds for stream resets and behavioral analytics to flag clients abusing the protocol.
Tomcat also has an advisory for it:
https://lists.apache.org/thread/9ydfg0xr0tchmglcprhxgwhj0hfwxlyf
The MadeYouReset vulnerability was found to affect several widely used HTTP/2 server implementations, including Netty, Jetty, Apache Tomcat, IBM WebSphere, and BIG-IP.
https://deepness-lab.org/publications/madeyoureset/
Here's the Netty advisory for this:
https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4