#cve_2025_59287 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cve_2025_59287, aggregated by home.social.
-
Analysis of ShadowPad Attack Exploiting WSUS Remote Code Execution Vulnerability (CVE-2025-59287)
#CVE_2025_59287 #ShadowPad
https://asec.ahnlab.com/en/91166/ -
Scans for Port 8530/8531 (TCP). Likely related to WSUS Vulnerability CVE-2025-59287
#CVE_2025_59287
https://isc.sans.edu/diary/32440 -
CVE-2025-59287 WSUS Remote Code Execution
#CVE_2025_59287
https://hawktrace.com/blog/CVE-2025-59287 -
There you go… 💥 the danger of this vulnerability confirmed by @GossiTheDog
👇
https://cyberplace.social/@GossiTheDog/115430147992307420
He also raises the possibility of an attack that pushes a malicious update scheduled for later.
...and indeed WSUS instances are visible on the Internet
⚠️ Active exploitation reported by Huntress:
"Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287)"
👇
https://www.huntress.com/blog/exploitation-of-windows-server-update-services-remote-code-execution-vulnerability -
📢 Active exploitation of an RCE vulnerability in WSUS (CVE-2025-59287)
📝 Source: Huntress — The post details the active exploitation of the **CVE-2025-59287** vulnerability in **Windows Serve...
📖 cyberveille : https://cyberveille.ch/posts/2025-10-25-exploitation-active-dune-vulnerabilite-rce-dans-wsus-cve-2025-59287/
🌐 source : https://www.huntress.com/blog/exploitation-of-windows-server-update-services-remote-code-execution-vulnerability
#CVE_2025_59287 #IOC #Cyberveille -
🚨 [CISA-2025:1024] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2025:1024)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2025-54236 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-54236)
- Name: Adobe Commerce and Magento Improper Input Validation Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Adobe
- Product: Commerce and Magento
- Notes: https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397 ; https://nvd.nist.gov/vuln/detail/CVE-2025-54236
⚠️ CVE-2025-59287 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-59287)
- Name: Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-59287 ; https://nvd.nist.gov/vuln/detail/CVE-2025-59287
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20251024 #cisa20251024 #cve_2025_54236 #cve_2025_59287 #cve202554236 #cve202559287
-
From the series: urgent Friday patch & rush in prod 😅
Microsoft has released an out-of-band update fixing a critical RCE (CVE-2025-59287) in Windows Server Update Services (WSUS to its friends).
"If you have not yet installed the October 2025 Windows security update, we recommend applying this OOB update instead. After installation, you will need to restart your system."
A public exploitation demonstration / PoC is available: https://hawktrace.com/blog/CVE-2025-59287
The mention that it may be "wormable" raises the pressure in times like these…
Recommended actions:
- Apply the emergency update provided by Microsoft as soon as possible (OOB/cumulative). Restart required. ⬅️ 🩹
⬇️
🔗 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287
If you cannot patch immediately: disable the WSUS role or block ports 8530 and 8531 at the host firewall in the meantime
Severity: high CVSS (~9.8)
👇
https://vulnerability.circl.lu/vuln/CVE-2025-59287