CVE-2025-29824

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Publication date: Tue, 08 Apr 2025 00:00:00 +0000


Cyber News related to CVE-2025-29824

Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) - Help Net Security - CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivanti Endpoint Manager (EPM) appliances, is being exploited by attackers, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the bug to its Known Exploited ...
7 months ago Helpnetsecurity.com CVE-2024-29824
Microsoft: Zero-day bug used in ransomware attacks on US real estate firms | The Record from Recorded Future News - Microsoft did not provide more information on the hackers behind the campaign, only referring to the threat actors as “Storm-2460.” CVE-2025-29824 was the only Patch Tuesday bug from Microsoft added to the Cybersecurity and Infrastructure ...
1 month ago Therecord.media CVE-2025-29824 RansomEXX
Ivanti Endpoint Manager Vulnerability Public Exploit is Now Used in Cyber Attacks - The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability to its Known Exploited Vulnerabilities Catalog. As cyber threats continue to evolve, CISA remains committed to updating its catalog with ...
7 months ago Cybersecuritynews.com CVE-2024-29824
Windows Security Updates: How to Stay Ahead of Vulnerabilities - In April 2025, cybersecurity teams were starkly reminded of the stakes involved in patch management when Microsoft disclosed CVE-2025-29824, a zero-day privilege escalation flaw in the Windows Common Log File System (CLFS) driver. In April 2025, ...
2 weeks ago Cybersecuritynews.com CVE-2025-29824
Microsoft Patch Tuesday April 2025: 121 Vulnerabilities Fixed Including 1 Actively Exploited Zero-Day - This month’s update addresses a significant array of threats, including elevation of privilege, remote code execution, and a single actively exploited zero-day vulnerability that has heightened urgency for users and administrators alike. ...
1 month ago Cybersecuritynews.com CVE-2025-29824
Microsoft: Windows CLFS zero-day exploited by ransomware gang - Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. This ransomware gang has also targeted high-profile organizations, ...
1 month ago Bleepingcomputer.com CVE-2025-29824 RansomEXX
Windows CLFS Zero-Day Vulnerability Actively Exploited by Ransomware Group - A critical zero-day vulnerability in the Windows Common Log File System (CLFS) has been uncovered and is being actively exploited by a ransomware group, according to a recent report from the Microsoft Threat Intelligence Center (MSTIC) and Microsoft ...
1 month ago Cybersecuritynews.com CVE-2025-29824
Play ransomware exploited Windows logging flaw in zero-day attacks - Previous notable Play ransomware victims include cloud computing company Rackspace, car retailer giant Arnold Clark, the City of Oakland in California, Dallas County, the Belgian city of Antwerp, and, more recently, American semiconductor supplier ...
3 weeks ago Bleepingcomputer.com CVE-2025-29824 RansomEXX
US CISA adds Ivanti EPM flaw to its Known Exploited Vulnerabilities catalog - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-29824 (CVSS score of 9.6) to its Known Exploited Vulnerabilities (KEV) catalog. U.S. Cybersecurity ...
7 months ago Securityaffairs.com CVE-2024-29824 CVE-2024-45519
Hackers Now Exploit Ivanti Endpoint Manager Vulnerability to Launch Cyber Attacks - GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents. As cyber threats continue to evolve, CISA remains committed to updating ...
7 months ago Gbhackers.com CVE-2024-29824
Hackers Exploit Software Flaws within Hours Forcing Urgent Push for Faster Patches - This rapidly shrinking window between vulnerability discovery and active exploitation forces organizations to rethink traditional patching cycles and implement more agile security responses. In April, Microsoft disclosed that a zero-day vulnerability ...
2 weeks ago Cybersecuritynews.com CVE-2025-29824
Windows Security in 2025: Battling Sophisticated Threats with Advanced Defenses - As threat actors adapt their techniques, Microsoft has responded with significant security enhancements while organizations navigate a complex threat environment dominated by privilege escalation attacks and driver vulnerabilities. This Windows ...
4 weeks ago Cybersecuritynews.com CVE-2025-0289
Ransomware gangs join ongoing SAP NetWeaver attacks - Forescout Vedere Labs security researchers have also linked these ongoing attacks to a Chinese threat actor they track as Chaya_004, while EclecticIQ reported on Tuesday that three other Chinese APTs (i.e., UNC5221, UNC5174, and CL-STA-0048) are also ...
2 weeks ago Bleepingcomputer.com CVE-2025-31324 BianLian RansomEXX
Windows Common Log File System 0-Day Vulnerability Exploited in the Wild - Successful exploitation could allow attackers to gain SYSTEM-level access, bypassing critical security measures and potentially compromising sensitive data or system integrity. A critical zero-day vulnerability in the Windows Common Log File System ...
1 month ago Cybersecuritynews.com CVE-2025-29824
Windows 0-Day Vulnerability Exploited in Wild to Deploy Play ransomware - The Symantec Threat Hunter Team reported that attackers affiliated with the Play ransomware group (also known as Balloonfly or PlayCrypt) targeted an unnamed organization in the United States, likely using a public-facing Cisco Adaptive Security ...
3 weeks ago Cybersecuritynews.com CVE-2025-29824
CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits - An improper output neutralization for logs vulnerability CVE-2024-5594 in Siemens SINEMA Remote Connect Server.  It allows a malicious OpenVPN peer to send garbage to the OpenVPN log or cause high CPU load. The advisory includes missing ...
2 months ago Cybersecuritynews.com CVE-2024-5594
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities - The CL0P ransomware group exploited vulnerabilities to access sensitive employee data, including names and Social Security numbers. SonicWall has patched three vulnerabilities in its NetExtender VPN client for Windows (versions prior to 10.3.2). ...
1 month ago Cybersecuritynews.com CVE-2025-29824 Scattered Spider SideCopy
CVE-2025-29824 - Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. ...
2 weeks ago CVE-2025-29824 CVE-2023-28252 CVE-2025-24983 CVE-2025-31324
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active ...
7 months ago Thehackernews.com CVE-2024-29824
CISA Adds High-Severity Ivanti Vuln to KEV Catalog - "Exploiting this flaw could have serious consequences, such as data breaches, disruption of business operations, and further compromise of internal systems," Eric Schwake, director of cybersecurity strategy at Salt Security, wrote in an ...
7 months ago Darkreading.com CVE-2024-29824
CVE-2021-29824 - IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to priviledge escalation where a lower level user could have read access to to the 'Data Connections' page to which they don't have access. IBM X-Force ID: 204468. ...
2 years ago
CVE-2022-29824 - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, ...
2 years ago
CVE-2023-29824 - ** DISPUTED ** A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue. ...
1 year ago
CVE-2024-29824 - An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. ...
6 months ago Tenable.com