Here are the CVE updates for the week of January 27th through February 2nd.
CRITICAL SEVERITY VULNERABILITIES
Remote Code Execution via Dynamic Code Loading in ZipFile.java | CVE-2024-40673
Description: A remote code execution (RCE) vulnerability has been identified in the ZipFile.java source, where improper input validation allows an attacker to manipulate Dynamic Code Loading. This flaw enables unauthenticated attackers to execute arbitrary code without requiring user interaction or elevated privileges.
Potential Impacts:
- Remote Code Execution (RCE): Attackers can execute malicious code on the affected system.
- System Takeover: Full control over the affected environment could be achieved.
- Data Theft & Malware Injection: Unauthorized access to sensitive data or deployment of malicious payloads.
Mitigation Recommendations:
- Apply Security Patches: Ensure that all systems using ZipFile.java are updated with the latest security patches addressing this vulnerability.
- Validate Inputs: Implement strict input validation to prevent manipulation of dynamic code loading.
- Restrict Code Execution: Limit the execution of dynamically loaded code to trusted sources only.
- Enable Runtime Security Monitoring: Use tools like SELinux, AppArmor, or runtime application security solutions to detect and block suspicious behavior.
- Monitor Logs for Anomalous Activity: Regularly review application and system logs for signs of exploitation.
Remote Code Execution Due to Improper Input Sanitization | CVE-2025-24480
Description: A Remote Code Execution (RCE) vulnerability exists in the affected product and version due to insufficient input sanitization. This flaw allows a remote attacker to execute arbitrary commands or code with high privileges, potentially leading to a full system compromise.
Potential Impacts:
- Remote Code Execution: Attackers can run unauthorized commands on the affected system.
- Privilege Escalation: Exploitation may grant attackers high-level system access.
- Data Breach & Malware Deployment: Attackers could steal sensitive data or install malicious software.
Mitigation Recommendations:
- Apply Security Patches: Update to the latest patched version that addresses this vulnerability.
- Sanitize Inputs: Implement strict input validation to prevent injection-based exploits.
- Limit Privileged Execution: Restrict the execution of system commands to only trusted processes.
- Enable Application Whitelisting: Prevent unauthorized scripts or programs from running.
- Monitor System Logs & Network Traffic: Regularly review logs for unusual activity that may indicate exploitation attempts.
Path Traversal Vulnerability in Dumb Drop File Upload Application | CVE-2025-24891
Description: A path traversal vulnerability has been identified in Dumb Drop, a file upload application. Authenticated and unauthenticated users may exploit this flaw to overwrite arbitrary system files. Since the application runs as root by default, attackers can inject malicious payloads into scheduled tasks or system processes, leading to remote code execution (RCE). Additionally, if authentication is not enabled, this flaw could allow unprivileged users full root access.
Potential Impacts:
- Remote Code Execution (RCE): Attackers can replace critical system files with malicious payloads.
- Privilege Escalation: Overwriting key system files may allow attackers to gain root access.
- Service Disruption: The system may become unstable or unusable due to modified configurations.
- Data Manipulation: Critical data may be replaced, deleted, or corrupted.
Mitigation Recommendations:
- Apply Security Updates: If a patch is available, update Dumb Drop to a secured version immediately.
- Restrict File Upload Locations: Ensure uploaded files are stored in a dedicated, non-sensitive directory.
- Enable Authentication: Require strong authentication to prevent unauthorized users from exploiting the flaw.
- Run as a Non-Root User: Configure the application to run with limited privileges to minimize damage.
- Validate File Paths: Implement input validation and sanitization to block directory traversal attempts.
- Monitor System Logs: Regularly inspect file system activity for unauthorized modifications.
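The "Validate File Paths" and "Restrict File Upload Locations" recommendations above come down to one check: a client-supplied filename must never be allowed to name anything outside the dedicated upload directory. The following Python is an added illustration written for this digest; it is not Dumb Drop's code and makes no claim about how that application handles uploads. The upload root, the sample filenames, and the planted symlink are all constructed for the demonstration. It keeps only the final path component, rejects anything containing a separator, NUL byte, or dot-only name, and then resolves the final path so that a symlink pre-planted inside the upload directory cannot redirect a write elsewhere.

```python
import os
import tempfile
from pathlib import Path, PurePosixPath


def safe_upload_path(upload_root: Path, client_filename: str) -> Path:
    """Return the only path a client-supplied filename may be written to,
    or raise ValueError if the name could escape the upload directory."""
    if not client_filename or "\x00" in client_filename:
        raise ValueError("empty or NUL-containing filename")

    # Treat backslashes as separators too, so Windows-style traversal
    # ("..\\..\\x") is handled the same way as "../../x".
    name = client_filename.replace("\\", "/")

    # Keep only the last path component; any separator, absolute prefix,
    # or dot-only name is rejected outright rather than "cleaned up".
    base = PurePosixPath(name).name
    if base in ("", ".", "..") or base != name:
        raise ValueError(f"rejected filename: {client_filename!r}")

    # Resolve both sides (follows symlinks) so a symlink planted inside the
    # upload directory that points at /etc/crontab or similar is caught.
    root = upload_root.resolve()
    candidate = (root / base).resolve()
    if candidate.parent != root:
        raise ValueError(f"path escapes upload root: {client_filename!r}")
    return candidate


def classify_uploads(upload_root: Path, filenames) -> dict:
    """Map each candidate filename to True (accepted) or False (rejected)."""
    result = {}
    for fname in filenames:
        try:
            safe_upload_path(upload_root, fname)
            result[fname] = True
        except ValueError:
            result[fname] = False
    return result


def running_as_root() -> bool:
    """Deployment check: a file-upload service should not run as uid 0."""
    return hasattr(os, "geteuid") and os.geteuid() == 0


# Constructed sample inputs: one benign name and several traversal attempts.
SAMPLE_FILENAMES = [
    "report.pdf",
    "../../etc/crontab",
    "..\\..\\Windows\\win.ini",
    "/etc/passwd",
    "..",
    "",
    "notes\x00.sh",
]


def demo() -> dict:
    """Run the classifier against a throwaway upload directory that also
    contains a planted symlink pointing outside it (constructed scenario)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "uploads"
        root.mkdir()
        outside = Path(tmp) / "outside.txt"
        outside.write_text("not an upload")
        (root / "planted").symlink_to(outside)
        return classify_uploads(root, SAMPLE_FILENAMES + ["planted"])


if __name__ == "__main__":
    for fname, ok in demo().items():
        print(f"{'ACCEPT' if ok else 'REJECT'}  {fname!r}")
    print("running as root:", running_as_root())
```

Note that the symlink case is only rejected because the candidate path is resolved after it is joined to the root; checking the string for ".." alone would have accepted "planted" and written through the link.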
HIGH SEVERITY VULNERABILITIES
Use-After-Free Vulnerability in Apple Operating Systems | CVE-2025-24085 (CISA KEV): A use-after-free vulnerability was identified in Apple’s operating systems, affecting visionOS, iOS, iPadOS, macOS, watchOS, and tvOS. This issue arises due to improper memory management, potentially allowing a malicious application to execute arbitrary code and elevate privileges. Apple has patched this vulnerability in the following software versions:
- visionOS 2.3
- iOS 18.3 and iPadOS 18.3
- macOS Sequoia 15.3
- watchOS 11.3
- tvOS 18.3
Privilege Escalation Vulnerability in Snowflake JDBC Driver | CVE-2025-24789: A privilege escalation vulnerability has been identified in the Snowflake JDBC Driver, affecting versions 3.2.3 through 3.21.0 on Windows. The issue occurs when using the EXTERNALBROWSER authentication method, where an attacker with write access to a directory in the Windows %PATH% environment variable can escalate privileges to the user running the vulnerable driver. Snowflake has addressed this vulnerability in version 3.22.0.
Use-After-Free Vulnerability in Google Chrome DevTools | CVE-2025-0762: A use-after-free vulnerability has been discovered in Google Chrome DevTools, affecting versions prior to 132.0.6834.159. This flaw allows a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. The vulnerability stems from improper memory management, leading to use of freed memory, which can cause unexpected behavior, crashes, or even remote code execution. Google has addressed this issue in Chrome 132.0.6834.159.
Out-of-Bounds Write Vulnerability in Multiple Switches | CVE-2024-7695: An out-of-bounds write vulnerability has been identified in multiple network switches due to insufficient input validation. This flaw allows unauthorized memory modification, potentially leading to a denial-of-service (DoS) attack. The vulnerability poses a significant remote threat, especially if the affected devices are connected to publicly accessible networks. Exploitation could result in system crashes or operational disruptions, requiring manual intervention to restore services.
MEDIUM SEVERITY VULNERABILITIES
Stored Cross-Site Scripting (XSS) Vulnerability in ClickWhale Plugin | CVE-2025-0804: A Stored Cross-Site Scripting (XSS) vulnerability exists in the ClickWhale – Link Manager, Link Shortener, and Click Tracker plugin for WordPress in all versions up to and including 2.4.1. The issue arises due to insufficient input sanitization and improper output escaping in link titles. Authenticated attackers with Contributor-level access or higher can exploit this flaw to inject malicious JavaScript that executes when a user accesses an affected page.
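The ClickWhale entry names the two halves of a stored XSS bug: insufficient sanitization on the way in and missing output escaping on the way out. The fix that actually holds is escaping at render time, in the context the value lands in. The Python below is an added example for this digest, not the plugin's code; it assumes a minimal template that renders a stored link title both as an attribute and as text, with constructed sample titles standing in for what a Contributor-level user might store. The vulnerable and hardened renderers sit side by side, and a small parser-based audit confirms that the hardened output contains no tags other than the expected anchor and no event-handler attributes.

```python
import html
from html.parser import HTMLParser

# Constructed sample titles: one benign, one with legitimate special characters,
# and two that would execute if rendered without escaping.
SAMPLE_TITLES = [
    "Quarterly report",
    "Tom & Jerry's \"best\" links",
    "<script>alert(1)</script>",
    '"><img src=x onerror=alert(1)>',
]


def safe_href(href: str) -> str:
    """Allow only http/https destinations; anything else becomes an inert '#'."""
    lowered = href.strip().lower()
    if lowered.startswith("http://") or lowered.startswith("https://"):
        return html.escape(href, quote=True)
    return "#"


def render_link_unsafe(title: str, href: str) -> str:
    """The vulnerable pattern: stored title interpolated straight into HTML."""
    return f'<a href="{href}" title="{title}">{title}</a>'


def render_link_safe(title: str, href: str) -> str:
    """Hardened version: escape for the attribute and text contexts separately,
    and constrain the destination scheme."""
    escaped = html.escape(title, quote=True)  # handles < > & " '
    return f'<a href="{safe_href(href)}" title="{escaped}">{escaped}</a>'


class TagAudit(HTMLParser):
    """Collect every start tag and flag event-handler / javascript: attributes."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.dangerous_attrs = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        for key, value in attrs:
            k = key.lower()
            v = (value or "").strip().lower()
            if k.startswith("on") or (k == "href" and v.startswith("javascript:")):
                self.dangerous_attrs.append((tag, key))


def contains_active_markup(rendered: str) -> bool:
    """True if the rendered fragment contains anything besides a plain <a>."""
    audit = TagAudit()
    audit.feed(rendered)
    return any(t != "a" for t in audit.tags) or bool(audit.dangerous_attrs)


def audit_titles(titles, href="https://example.test/") -> dict:
    """For each title, report whether the unsafe and safe renderers leak markup."""
    return {
        t: {
            "unsafe_leaks": contains_active_markup(render_link_unsafe(t, href)),
            "safe_leaks": contains_active_markup(render_link_safe(t, href)),
        }
        for t in titles
    }


if __name__ == "__main__":
    for title, verdict in audit_titles(SAMPLE_TITLES).items():
        print(f"{title!r:40} unsafe={verdict['unsafe_leaks']} safe={verdict['safe_leaks']}")
```

The audit class is a test aid rather than a production filter: the point is that the hardened renderer needs no blocklist at all, because escaping turns every stored character into text regardless of what it was meant to be.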