Cyber Daily 1/31: FDA Alerts on Contec, Epsimed Monitor Vulnerabilities, NCSC's New Classification System, Broadcom Patches VMware Aria Flaws, Mirai Botnet Targets Zyxel Routers, SonicWall Firewalls Vulnerable
Welcome to the latest issue of ONSEC Cyber Daily. Today, we're diving into a series of cybersecurity vulnerabilities that are making waves in the health sector. The FDA has issued a warning about potential vulnerabilities in patient monitors manufactured by Contec and Epsimed. Meanwhile, the UK's National Cyber Security Centre (NCSC) is proposing a new vulnerability classification system. In the realm of software, Broadcom has patched five significant VMware Aria Operations flaws, including CVE-2025-22218, to prevent credential leaks and admin privilege abuse. However, the Voyager admin interface for Laravel apps is still waiting for a patch for three identified vulnerabilities. In hardware news, Rockwell Automation FactoryTalk AssetCentre has released an update to patch CVE-2025-0497. But Zyxel routers and Mitel SIP phones are under attack by the Mirai botnet due to a known vulnerability, CVE-2024-40891, that has yet to be patched. In other news, Tenable has acquired Vulcan Cyber, and there are reports of Chinese and Iranian hackers using U.S. AI. We also have some interesting podcast episodes for you, discussing the balance between business priorities, security budgets, and emerging technologies, and giving you an inside look into the mind of state-sponsored cyber attackers. Stay tuned for more updates and remember, knowledge is the best defense against cyber threats. Stay safe!
Exploits Alert
- FDA Warns of Cybersecurity Vulnerabilities in Patient Monitors: The FDA has issued an alert warning of multiple cybersecurity vulnerabilities in patient monitors manufactured by Contec and Epsimed. These vulnerabilities could potentially put patient data and safety at risk. Source: HealthExec
- UK's NCSC Proposes New Vulnerability Classification System: The UK's National Cyber Security Centre (NCSC) has proposed a new system for classifying cybersecurity vulnerabilities. This new system aims to replace the current vulnerability classification system to improve cybersecurity risk management. Source: MSSP Alert
- CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware: The Cybersecurity and Infrastructure Security Agency (CISA) has released a fact sheet detailing an embedded backdoor function in the firmware of Contec's CMS8000 patient monitors. This backdoor function poses a significant cybersecurity risk. Source: CISA
Vulnerabilities & Patches
- Broadcom Patches VMware Aria Flaws: Broadcom has patched five vulnerabilities in VMware Aria Operations, including CVE-2025-22218 (CVSS 8.5), which could lead to credential theft and abuse of admin privileges. The patches prevent potential exploits. Source: The Hacker News
- Voyager Admin Interface Vulnerabilities: Security researchers from Sonar have discovered three vulnerabilities (CVE-2024-55415, CVE-2024-55416, CVE-2024-55417) in the Voyager admin interface for Laravel apps. Patches are still pending. Source: Heise
- Rockwell Automation FactoryTalk AssetCentre: A patch has been released for CVE-2025-0497. Users are advised to update FactoryTalk AssetCentre to v15.00.01 or later and apply patches to correct legacy versions. Source: CISA
- Zyxel Router Vulnerability: A critical zero-day flaw (CVE-2024-40891) in Zyxel routers is being actively exploited by Mirai botnet variants, exposing 1500 devices to arbitrary code execution. No patch is currently available. Source: Technadu
- SonicWall Firewalls Vulnerability: Thousands of SonicWall firewalls remain vulnerable to attack due to CVE-2024-53704. Users are advised to update to the patched firmware to mitigate the risk. Source: Australian Cyber Security Magazine
Podcasts
- Navigating the Cybersecurity Tightrope - TechSpective: This podcast episode discusses the challenges faced by a CISO in finding the right balance between business priorities, security budgets, and emerging technologies. It provides insights into the complexities of managing cybersecurity in a rapidly evolving tech landscape. Source: TechSpective.
- How to Protect Your Transportation Technology from Supply Chain Cyber Threats - Talking Logistics: This podcast provides weekly updates on how to safeguard your transportation technology from supply chain cyber threats. It offers practical advice and strategies for protecting your logistics operations from cyberattacks. Source: Talking Logistics.
- Inside the Mind of State-Sponsored Cyberattackers - CyberWire: This podcast episode delves into the mindset of state-sponsored cyber attackers. It provides a deep understanding of their strategies and tactics, offering listeners a unique perspective on cybersecurity. Source: CyberWire.
Final Words
As we wrap up today's edition of 'ONSEC Cyber Daily', we hope you've found our insights and updates on the latest cybersecurity vulnerabilities and patches useful. From the FDA's warning about patient monitor vulnerabilities to the proposed new vulnerability classification system by the UK's NCSC, it's clear that the cyber landscape is constantly evolving. Remember, staying informed is the first step in protecting yourself and your organization from potential cyber threats. So, don't forget to check out the latest episodes from various cybersecurity podcasts we've highlighted today. They offer a wealth of knowledge from industry experts that can help you navigate the cybersecurity tightrope. If you found this newsletter helpful, please consider sharing it with your friends and colleagues. Let's work together to spread cybersecurity awareness and make the digital world a safer place for everyone. Until next time, stay safe and stay informed.