Cyber Daily 2/14: Palo Alto Networks Patches PAN-OS Exploit, CISA & FBI Alert on Buffer Overflow Vulnerabilities, US Coast Guard Urged to Strengthen Cybersecurity, FedEx Warns of New Scams

Happy Valentine’s Day! Welcome to your ONSEC Cyber Daily newsletter for February 14th. Today, we're diving into a sea of vulnerabilities and patches, with a focus on the recent Palo Alto Networks authentication bypass exploit in PAN-OS software. This vulnerability, tracked as CVE-2025-0108, has a CVSS score of 7.8 out of 10, dropping to 5.1 if access to the management interface is restricted. In other news, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a new alert urging manufacturers to prevent buffer overflow vulnerabilities and calling on the software industry to adopt proper programming practices. Meanwhile, the US Coast Guard is being urged to strengthen its cybersecurity amid a daily port risk of $2 billion. This concern arises as reliance on technology grows, making the Marine Transportation System (MTS) more vulnerable to cybersecurity incidents. In the world of scams, FedEx is cautioning against a new wave of scams and urging public vigilance. If you encounter a potential FedEx scam, you're advised to contact local law enforcement or report the incident via the Cyber Crime Helpline. Lastly, we're seeing a surge in exploitation activity targeting two critical vulnerabilities, CVE-2022-47945 in ThinkPHP and CVE-2023-49103 in ownCloud. Stay tuned for more updates and remember to patch your systems regularly to stay ahead of potential threats.

Exploits Alert

  1. Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software: Palo Alto Networks has patched a vulnerability (CVE-2025-0108) in its PAN-OS software. The exploit, which had a CVSS score of 7.8, could have allowed unauthorized access to the management interface. Source: The Hacker News
  2. CISA & FBI Issue Alert on Buffer Overflow Vulnerabilities: The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued an alert urging manufacturers to prevent buffer overflow vulnerabilities. These vulnerabilities can lead to serious security breaches if exploited. Source: ExecutiveGov
  3. US Coast Guard Urged to Strengthen Cybersecurity Amid $2B Daily Port Risk: The US Coast Guard has been urged to strengthen its cybersecurity measures due to a daily port risk of $2 billion. As reliance on technology increases, the Marine Transportation System (MTS) becomes more vulnerable to cybersecurity incidents. Source: Tripwire
  4. Active Exploitation of Years-old ThinkPHP, ownCloud Bugs Spike: There has been a spike in the active exploitation of years-old vulnerabilities in ThinkPHP and ownCloud. These vulnerabilities could facilitate arbitrary operating system command execution and data compromise. Source: MSSP Alert
  5. FortiOS Vulnerability Allows Super-Admin Privilege Escalation – Patch Now!: A vulnerability in FortiOS allows for super-admin privilege escalation. Users are urged to patch their systems immediately to prevent potential breaches. Source: Hackread

Vulnerabilities & Patches

  1. WinZip Vulnerability – CVE-2025-1240: A vulnerability in WinZip allows remote attackers to execute arbitrary code. Users are advised to apply the latest patches and follow recommended security practices. Source: Cyber Security News
  2. PAN-OS Authentication Bypass Vulnerability – CVE-2025-0108: Palo Alto Networks has released a patch for a high-severity authentication bypass vulnerability. Users are urged to apply the patch immediately. Source: Cyber Security News
  3. High-Severity SQL Injection Vulnerability – CVE-2025-1094: Rapid7 has discovered a high-severity SQL injection vulnerability. Users are advised to apply the patch released by BeyondTrust. Source: Australian Cyber Security Magazine
  4. High-Severity OpenSSL Flaw – CVE-2024-12797: A high-severity flaw in OpenSSL could allow MITM attacks. Users are urged to update their systems to prevent potential attacks. Source: SC Media
  5. Critical Security Flaw in iOS – CVE-2025-24200: Apple has released iOS 18.3.1 to patch a critical security flaw. iPhone users are strongly advised to update their devices immediately. Source: MSN

Podcasts

  1. PODCAST: DeepSeek is still a thing, CommBank has an outage, and happy Valentine's Day!: In this episode of the Cyber Uncut podcast, host David Hollingworth discusses the latest AI and cyber news with journalist Daniel Croft. Topics include the ongoing relevance of DeepSeek, a recent outage at CommBank, and a Valentine's Day greeting. Source: CyberDaily
  2. The Network and Information Security (NIS2) Directive - Arthur Cox LLP: This podcast episode focuses on the new requirements, cybersecurity risk management, reporting, and liability and governance under NIS2. Source: Arthur Cox LLP
  3. AI at the Inflection Point: Power, Security and the Future of Government IT: This podcast episode discusses the intersection of AI, power, security, and the future of government IT. Note: The episode was not retrievable at the time of writing. Source: GovTech
  4. DOGEgeddon: The cyber crisis hiding in plain sight - CyberWire: This episode of the Cybersecurity Marketing podcast discusses DOGEgeddon, a cyber crisis that is hiding in plain sight. The episode also touches on the topic of plague-themed phishing tests. Source: CyberWire

Final Words

And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We've covered a lot of ground, from Palo Alto Networks patching an authentication bypass exploit to the FBI and CISA issuing alerts on buffer overflow vulnerabilities. It's clear that the cybersecurity landscape is ever-evolving, and staying informed is our best defense. Remember, knowledge is power. So, don't keep this valuable information to yourself. Share 'ONSEC Cyber Daily' with your friends and colleagues. Let's work together to create a safer digital world. Until tomorrow, stay safe, stay informed, and keep sharing the knowledge.
