CVE-2025-29824

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Publication date: Tue, 08 Apr 2025 00:00:00 +0000


Cyber News related to CVE-2025-29824

Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) - Help Net Security - CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivanti Endpoint Manager (EPM) appliances, is being exploited by attackers, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the bug to its Known Exploited ...
6 months ago Helpnetsecurity.com CVE-2024-29824
Microsoft: Zero-day bug used in ransomware attacks on US real estate firms | The Record from Recorded Future News - Microsoft did not provide more information on the hackers behind the campaign, only referring to the threat actors as “Storm-2460.” CVE-2025-29824 was the only Patch Tuesday bug from Microsoft added to the Cybersecurity and Infrastructure ...
2 weeks ago Therecord.media CVE-2025-29824 RansomEXX
Ivanti Endpoint Manager Vulnerability Public Exploit is Now Used in Cyber Attacks - The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability to its Known Exploited Vulnerabilities Catalog. As cyber threats continue to evolve, CISA remains committed to updating its catalog with ...
6 months ago Cybersecuritynews.com CVE-2024-29824
Microsoft Patch Tuesday April 2025: 121 Vulnerabilities Fixed Including 1 Actively Exploited Zero-Day - This month’s update addresses a significant array of threats, including elevation of privilege, remote code execution, and a single actively exploited zero-day vulnerability that has heightened urgency for users and administrators alike. ...
2 weeks ago Cybersecuritynews.com CVE-2025-29824
Microsoft: Windows CLFS zero-day exploited by ransomware gang - Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. This ransomware gang has also targeted high-profile organizations, ...
2 weeks ago Bleepingcomputer.com CVE-2025-29824 RansomEXX
Windows CLFS Zero-Day Vulnerability Actively Exploited by Ransomware Group - A critical zero-day vulnerability in the Windows Common Log File System (CLFS) has been uncovered and is being actively exploited by a ransomware group, according to a recent report from the Microsoft Threat Intelligence Center (MSTIC) and Microsoft ...
2 weeks ago Cybersecuritynews.com CVE-2025-29824
US CISA adds Ivanti EPM flaw to its Known Exploited Vulnerabilities catalog - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-29824 (CVSS score of 9.6) to its Known Exploited Vulnerabilities (KEV) catalog. U.S. Cybersecurity ...
6 months ago Securityaffairs.com CVE-2024-29824 CVE-2024-45519
Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks - GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents. As cyber threats continue to evolve, CISA remains committed to updating ...
6 months ago Gbhackers.com CVE-2024-29824
CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits - An improper output neutralization for logs vulnerability CVE-2024-5594 in Siemens SINEMA Remote Connect Server.  It allows a malicious OpenVPN peer to send garbage to the OpenVPN log or cause high CPU load. The advisory includes missing ...
1 month ago Cybersecuritynews.com CVE-2024-5594
CISA Releases 20 ICS Advisories Detailing Vulnerabilities & Exploits - Vulnerabilities in the SIPROTEC 5 series include Cleartext storage of sensitive information (CVE-2024-53651), which has a CVSS v3 base score of 4.6. Mitigation involves firmware updates and restricting network access. This SCADA management software ...
2 months ago Cybersecuritynews.com CVE-2024-53651 CVE-2025-25067 CVE-2025-24865 CVE-2025-22896 CVE-2025-23411 CVE-2023-37482 CVE-2024-54015 CVE-2022-38465 CVE-2025-24811 CVE-2025-20615 CVE-2025-24836 CVE-2025-23421 CVE-2024-53977 CVE-2025-23363 CVE-2025-1283 CVE-2025-23403 CVE-2025-26473 CVE-2025-25281 CVE-2025-24861
Windows Common Log File System 0-Day Vulnerability Exploited in the Wild - Successful exploitation could allow attackers to gain SYSTEM-level access, bypassing critical security measures and potentially compromising sensitive data or system integrity. A critical zero-day vulnerability in the Windows Common Log File System ...
2 weeks ago Cybersecuritynews.com CVE-2025-29824
Apple backports zero-day patches to older iPhones and Macs - Apple has released security updates that backport fixes for actively exploited vulnerabilities that were exploited as zero-days to older versions of its operating systems. Specifically, the latest update for iOS 18.4 and iPadOS 18.4 fixes 77 ...
3 weeks ago Bleepingcomputer.com CVE-2025-30456
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities - The CL0P ransomware group exploited vulnerabilities to access sensitive employee data, including names and Social Security numbers. SonicWall has patched three vulnerabilities in its NetExtender VPN client for Windows (versions prior to 10.3.2). ...
1 week ago Cybersecuritynews.com CVE-2025-29824 Scattered Spider SideCopy
CVE-2025-29824 - Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. ...
1 week ago CVE-2025-29824 CVE-2023-28252 CVE-2025-24983
CISA Warns of Windows NTFS Vulnerability Actively Exploited to Access Sensitive Data - In an era where file system vulnerabilities comprise 23% of KEV entries, the March 2025 advisories serve as a stark reminder: patch, segment, and verify—before attackers exploit the gaps. These flaws CVE-2025-24984, CVE-2025-24991, CVE-2025-24993, ...
1 month ago Cybersecuritynews.com CVE-2025-24984
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active ...
6 months ago Thehackernews.com CVE-2024-29824
CISA Adds High-Severity Ivanti Vuln to KEV Catalog - "Exploiting this flaw could have serious consequences, such as data breaches, disruption of business operations, and further compromise of internal systems," Eric Schwake, director of cybersecurity strategy at Salt Security, wrote in an ...
6 months ago Darkreading.com CVE-2024-29824
CVE-2021-29824 - IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to priviledge escalation where a lower level user could have read access to to the 'Data Connections' page to which they don't have access. IBM X-Force ID: 204468. ...
2 years ago
CVE-2022-29824 - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, ...
2 years ago
CVE-2023-29824 - ** DISPUTED ** A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue. ...
1 year ago
CVE-2024-29824 - An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. ...
4 months ago Tenable.com
Palo Alto Networks tags new firewall bug as exploited in attacks - Palo Alto Networks warns that a file read vulnerability (CVE-2025-0111) is now being chained in attacks with two other flaws (CVE-2025-0108 with CVE-2024-9474) to breach PAN-OS firewalls in active attacks. "Palo Alto Networks has observed exploit ...
2 months ago Bleepingcomputer.com CVE-2025-0111 CVE-2025-0108 CVE-2024-9474
Recent Windows Server 2025 updates cause Remote Desktop freezes - ​Microsoft says a known issue is causing Remote Desktop freezes on Windows Server 2025 systems after installing security updates released since the February 2025 Patch Tuesday. "After installing the February 2025 Security update ...
3 weeks ago Bleepingcomputer.com
VMware Vulnerabilities Exploited Actively to Deploy Ransomware - On March 4, 2025, Broadcom released emergency updates to address three critical vulnerabilities – CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 – affecting several VMware products, including ESXi, Workstation, and Fusion. Given the ...
1 month ago Cybersecuritynews.com CVE-2025-22224

Latest Cyber News


Cyber Trends (last 7 days)