In this week’s Security Advisory
- AMI BMC Vulnerability Exposes Servers to Full Takeover
- Cisco Patches Ten IOS XR Vulnerabilities
- Nvidia Patches Riva Vulnerabilities
- SAP Releases March Patch Cycle
- Meta Warns of FreeType Vulnerability at Risk of Exploitation
AMI BMC Vulnerability Exposes Servers to Full Takeover
A critical vulnerability has been discovered in AMI’s MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication. The vulnerability, CVE-2024-54085 (CVSS 10/10), can be exploited by a local or remote attacker through the remote management interface or via the BMC interface. Once the BMC is compromised, the threat actor would have full access to the server.
Affected Versions
- HPE Cray XD670 – Prior to BMC v1.19.
- Asus RS720A-E11-RS24U.
- ASRockRack.
- HR630X V2.
- HS350X V3.
Recommendations
- Apply the updates released by AMI, details can be found here.
- If using an HPE brand, you can find the upgrade here.
- If using a Lenovo brand, you can find the upgrade here.
More Reading / Information
- https://thehackernews.com/2025/03/new-critical-ami-bmc-vulnerability.html
- https://www.securityweek.com/critical-ami-bmc-vulnerability-exposes-servers-to-disruption-takeover/
Cisco Patches Ten IOS XR Vulnerabilities
Cisco has released patches for ten vulnerabilities affecting its IOS XR software, five of which, when exploited, result in a DoS condition. The most severe DoS flaws are CVE-2025-20142 and CVE-2025-20146. These vulnerabilities are due to the incorrect handling of malformed IPv4 packets received on the line cards. A successful exploit could allow an attacker to cause network processor errors, resulting in a reset or shutdown of the network processor.
Affected Versions
A full list of the affected versions can be found here.
Recommendations
Apply all relevant patches.
More Reading / Information
- https://www.bleepingcomputer.com/news/security/cisco-vulnerability-lets-attackers-crash-bgp-on-ios-xr-routers/
- https://sec.cloudapps.cisco.com/security/center/publicationListing.x
Nvidia Patches Riva Vulnerabilities
Nvidia released patches for two vulnerabilities in its Riva service. Riva is a multilingual translation service for building AI language models. Both vulnerabilities, CVE-2025-23242 (CVSS 7.3/10) and CVE-2025-23243 (CVSS 6.5/10), are improper access control issues. Successful exploitation could lead to privilege escalation, data tampering, denial of service, or information disclosure.
Affected Versions
All versions up to and including 2.18.0.
Recommendations
Update to version 2.19.0.
More Reading / Information
- https://nvidia.custhelp.com/app/answers/detail/a_id/5625
- https://www.securityweek.com/nvidia-riva-vulnerabilities-allow-unauthorized-use-of-ai-services/
SAP Releases March Patch Cycle
SAP released its March patch bundle, which covers twenty-one new vulnerabilities affecting its Commerce, NetWeaver, and Commerce Cloud products. The highest severity vulnerabilities are CVE-2025-27434 and CVE-2025-26661 (CVSS 8.8/10), XSS vulnerabilities that allow an unauthenticated attacker to inject malicious code.
Affected Versions
A full list of affected versions can be found here.
Recommendations
Apply the latest patches.
More Reading / Information
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2025.html
- https://www.securityweek.com/sap-patches-high-severity-vulnerabilities-in-commerce-netweaver/
Meta Warns of FreeType Vulnerability at Risk of Exploitation
Meta warned of a security vulnerability that impacts the FreeType open-source font rendering library and may be under active exploitation in the wild. The vulnerability, CVE-2025-27363 (CVSS 8.1/10), is described as an out-of-bounds write flaw that could be exploited to achieve arbitrary remote code execution.
Affected Versions
- AlmaLinux
- Alpine Linux
- Amazon Linux 2
- Debian stable / Devuan
- RHEL / CentOS Stream / AlmaLinux / etc. 8 and 9
- GNU Guix
- Mageia
- OpenMandriva
- openSUSE Leap
- Slackware
- Ubuntu 22.04
Recommendations
Update your instances to the latest version of FreeType (2.13.3).
More Reading / Information
- https://thehackernews.com/2025/03/meta-warns-of-freetype-vulnerability.html
- https://lists.nongnu.org/archive/html/freetype-devel/2025-03/msg00000.html
Recommendations
Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefits of limiting deployed software to “vendor-supported versions” only, which dramatically increases the likelihood that a patch is issued for new vulnerabilities. Likewise, CyberMaxx strongly encourages maintaining an inventory of current software in your environment, which informs and strengthens your patch and vulnerability management program.
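As an added example (not part of the original advisory), the script below shows how a software inventory can be checked against the fixed versions stated above: FreeType 2.13.3, Riva 2.19.0, and HPE Cray XD670 BMC v1.19. The inventory rows, hostnames and product keys are constructed for illustration.

```python
"""Flag inventory entries still below the fixed versions named in this advisory."""
import re

# Product key -> (first fixed version, CVE) as stated in the advisory text above.
FIXED_VERSIONS = {
    "freetype": ("2.13.3", "CVE-2025-27363"),
    "nvidia-riva": ("2.19.0", "CVE-2025-23242/CVE-2025-23243"),
    "hpe-cray-xd670-bmc": ("1.19", "CVE-2024-54085"),
}


def parse_version(text):
    """Turn 'v1.19', '2.13.3' or '2.13.3-1' into a comparable tuple of ints.

    Only the leading dotted numeric part is compared (distro suffixes are ignored),
    and missing components are padded with zeros so that 1.19 == 1.19.0.
    Comparing ints avoids the string-compare trap where '2.9' > '2.13'.
    """
    m = re.match(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_vulnerable(product, version):
    """True if the installed version is below the first fixed release."""
    fixed, _cve = FIXED_VERSIONS[product]
    return parse_version(version) < parse_version(fixed)


def find_unpatched(inventory):
    """Return (host, product, version, cve) for each entry below its fix."""
    return [
        (host, product, version, FIXED_VERSIONS[product][1])
        for host, product, version in inventory
        if product in FIXED_VERSIONS and is_vulnerable(product, version)
    ]


# Constructed inventory rows: (hostname, product key, installed version).
SAMPLE_INVENTORY = [
    ("web01", "freetype", "2.13.2"),
    ("web02", "freetype", "2.13.3-1"),
    ("gpu01", "nvidia-riva", "2.18.0"),
    ("gpu02", "nvidia-riva", "2.19.0"),
    ("hpc01", "hpe-cray-xd670-bmc", "v1.18"),
    ("hpc02", "hpe-cray-xd670-bmc", "v1.19"),
    ("db01", "postgresql", "16.2"),  # not covered by this advisory, skipped
]

if __name__ == "__main__":
    for host, product, version, cve in find_unpatched(SAMPLE_INVENTORY):
        print(f"{host}: {product} {version} is below the fixed release ({cve})")
```

Distributions often backport a fix without changing the upstream version number, so treat a hit as a prompt to check the distribution's own advisory rather than as a confirmed finding.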