Live
Microsoft Patches CVE-2025-53798: RRAS Memory Leak Exposes VPN Gateways to Data Theft·MSFT +0.1%Windows RRAS Out-of-Bounds Read Flaw Exposes Memory to Remote Attackers·NVDA +3.0%Critical RRAS Flaw Exposes VPN Gateways to Remote Memory Leaks — Patch Immediately·GOOGL +1.2%Critical RRAS Memory Leak CVE-2025-53797 Puts VPN Gateways at Risk – Patch Immediately·AMZN +2.9%Redis Misconfiguration Exposes Sensitive Data in Rockwell Automation's LogixAI: CISA Warns·MSFT +0.1%CISA Warns: Remote Attackers Can Brick Rockwell ControlLogix 5580 Controllers — Patch Immediately·NVDA +3.0%CVE-2025-9161: FactoryTalk Optix RCE via MQTT Plugin Loading — Upgrade to 1.6.0 Immediately·GOOGL +1.2%Rockwell Patches Critical SSRF Flaw in ThinManager That Exposes NTLM Hashes to Attackers·AMZN +2.9%Microsoft Patches CVE-2025-53798: RRAS Memory Leak Exposes VPN Gateways to Data Theft·MSFT +0.1%Windows RRAS Out-of-Bounds Read Flaw Exposes Memory to Remote Attackers·NVDA +3.0%Critical RRAS Flaw Exposes VPN Gateways to Remote Memory Leaks — Patch Immediately·GOOGL +1.2%Critical RRAS Memory Leak CVE-2025-53797 Puts VPN Gateways at Risk – Patch Immediately·AMZN +2.9%Redis Misconfiguration Exposes Sensitive Data in Rockwell Automation's LogixAI: CISA Warns·MSFT +0.1%CISA Warns: Remote Attackers Can Brick Rockwell ControlLogix 5580 Controllers — Patch Immediately·NVDA +3.0%CVE-2025-9161: FactoryTalk Optix RCE via MQTT Plugin Loading — Upgrade to 1.6.0 Immediately·GOOGL +1.2%Rockwell Patches Critical SSRF Flaw in ThinManager That Exposes NTLM Hashes to Attackers·AMZN +2.9%

Articles from 2025

Browse all Windows news articles published in 2025

12 articles Page 903 of 2838
Articles from 2025
All archives
Buffer Over-read · Compromise Assessment

Microsoft Patches CVE-2025-53798: RRAS Memory Leak Exposes VPN Gateways to Data Theft

Microsoft has released a vendor update to patch CVE-2025-53798, an information-disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that allows an attacker to read...

SE Security Desk·43w ago
Cve-2025-54095 · Defense In Depth

Windows RRAS Out-of-Bounds Read Flaw Exposes Memory to Remote Attackers

Microsoft has confirmed a memory disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that could allow unauthenticated attackers to extract sensitive information from...

SE Security Desk·43w ago
Cve-2025-54096 · Detection

Critical RRAS Flaw Exposes VPN Gateways to Remote Memory Leaks — Patch Immediately

A remote information-disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) received an out-of-band advisory from Microsoft this week, warning that attackers can siphon...

SE Security Desk·43w ago
Attack Surface · Cve-2025-53797

Critical RRAS Memory Leak CVE-2025-53797 Puts VPN Gateways at Risk – Patch Immediately

Microsoft has disclosed a high-severity information-disclosure vulnerability in the Windows Routing and Remote Access Service (RRAS) that could allow unauthenticated attackers to read sensitive...

SE Security Desk·43w ago
Adjacent Network · Analytics Artifacts

Redis Misconfiguration Exposes Sensitive Data in Rockwell Automation's LogixAI: CISA Warns

Rockwell Automation’s FactoryTalk Analytics LogixAI contains a high-severity configuration weakness that could expose sensitive operational data to attackers on adjacent networks. The U.S....

SE Security Desk·43w ago
35.013 · 35.014

CISA Warns: Remote Attackers Can Brick Rockwell ControlLogix 5580 Controllers — Patch Immediately

A critical flaw in Rockwell Automation’s ControlLogix 5580 programmable logic controllers can be exploited over the network to trigger a ‘major nonrecoverable fault,’ effectively bricking the...

SE Security Desk·43w ago
cve_2025_9161_factorytalk.jpg
1.6.0-upgrade · Advisory

CVE-2025-9161: FactoryTalk Optix RCE via MQTT Plugin Loading — Upgrade to 1.6.0 Immediately

Industrial control system operators running Rockwell Automation’s FactoryTalk Optix visualization platform face a critical threat: a flaw in the product’s embedded MQTT broker allows...

SE Security Desk·43w ago
rockwell_patches_critical_ssrf.jpg
Credential Theft · Cve-2025-9065

Rockwell Patches Critical SSRF Flaw in ThinManager That Exposes NTLM Hashes to Attackers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reissued a high-severity advisory on September 9, 2025, for a server-side request forgery (SSRF) vulnerability in Rockwell...

SE Security Desk·43w ago
Abb · Cip Security

CISA Releases 14 ICS Advisories: Urgent Patches for Rockwell, Schneider, and EG4 Inverter Flaws

{ "title": "CISA Releases 14 ICS Advisories: Urgent Patches for Rockwell, Schneider, and EG4 Inverter Flaws", "content": "The Cybersecurity and Infrastructure Security Agency (CISA) on September...

SE Security Desk·43w ago
rockwell_automation_factorytalk_activation.jpg
Activation Server · Cisa Ics Advisory

Rockwell Automation FactoryTalk Activation Manager Vulnerability Allows Remote Decryption and Hijacking

Rockwell Automation has issued an urgent security advisory after a critical cryptographic weakness was discovered in its FactoryTalk Activation Manager, a licensing tool deployed across thousands of...

SE Security Desk·43w ago
1.007 Update · 1783-natr

CISA Warns: Rockwell 1783-NATR Vulnerable to Remote Memory Corruption, Patch Now to v1.007

Rockwell Automation has released an urgent firmware update after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that a memory allocator bug in the 1783-NATR device could...

SE Security Desk·43w ago
Arbitrary Code · Cisa

CISA Flags Rockwell CompactLogix 5480 Flaw That Lets Attackers Run Code Via Physical Access

Three words can make any plant manager’s blood run cold: arbitrary code execution. That’s what CISA is warning about with a newly republished advisory for the Rockwell Automation CompactLogix...

SE Security Desk·43w ago