Cyber Security

Articles on SystemTek’s website that relate to cyber security.

NewsSecurity Vulnerabilities

Critical Zero-day Vulnerabilities in VMware ESXi, Workstation, and Fusion (CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226)

CVE-2025-22224 and CVE-2025-22225 and CVE-2025-22226 – Broadcom has addressed three exploited vulnerabilities that, when chained, can allow an attacker to access the hypervisor through a running virtual machine.

Read More
Cyber SecurityNews

Russian telecom Beeline hit by cyberattack

Yesterday, a targeted distributed denial-of-service (DDoS) attack disrupted internet service for some Russians, affecting the telecom provider Beeline. This marks the second significant attack on the Moscow-based company in recent weeks.

Read More
NewsSecurity Vulnerabilities

Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-22880)

CVE-2025-22880 – This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2.

Read More
NewsSecurity Vulnerabilities

Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability (CVE-2025-21373)

CVE-2025-21373 – This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows.

Read More
NewsSecurity Vulnerabilities

Microsoft Edge UI Misrepresentation Remote Code Execution Vulnerability (CVE-2025-21404)

CVE-2025-21404 – This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge.

Read More
NewsSecurity Vulnerabilities

RedHat Out-of-bounds Write vulnerability (CVE-2025-0690)

CVE number = CVE-2025-0690 The read command is used to read the keyboard input from the user, while reads it

Read More
NewsSecurity Vulnerabilities

Cisco Secure Email Gateway Email Filter Bypass Vulnerability (CVE-2025-20153)

A vulnerability (CVE-2025-20153) in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.

Read More
NewsSecurity Vulnerabilities

Qualys TRU Discovers Two New Vulnerabilities in OpenSSH (CVE-2025-26465 & CVE-2025-26466)

The Qualys Threat Research Unit (TRU) has discovered two vulnerabilities in OpenSSH. The first, identified as CVE-2025-26465, enables an active machine-in-the-middle attack on the OpenSSH client when the VerifyHostKeyDNS option is turned on. The second, CVE-2025-26466, impacts both the OpenSSH client and server, allowing a pre-authentication denial-of-service attack.

Read More
NewsSecurity Vulnerabilities

NVIDIA Container Toolkit mount_files Time-Of-Check Time-Of-Use Race Condition Privilege Escalation Vulnerability (CVE-2025-23359)

CVE-2025-23359 – This vulnerability allows remote attackers to escalate privileges on affected installations of NVIDIA Container Toolkit.

Read More
NewsSecurity Vulnerabilities

Red Hat Improper Authorization in Keycloak (CVE-2025-1391)

CVE-2025-1391 – A flaw was found in the Keycloak organization feature, which allows the incorrect assignment of an organization to a user if their username or email matches the organization’s domain pattern.

Read More