Advantive's VeraCore warehouse management software has suffered a security breach due to the exploitation of two critical vulnerabilities by the XE Group, a threat actor active since 2010. CVE-2024-57968, a severe file upload vulnerability, has been patched, but CVE-2025-25181, a SQL injection flaw, remains unpatched as of March 2025. The exploitation of these vulnerabilities allowed the attackers to deploy web shells, gain persistent access, and potentially compromise supply chain security by stealing sensitive data and causing operational disruptions. The longevity of the breach, with attackers maintaining access for over four years in some instances, highlights the significant threat this incident poses to the logistics sector and critical infrastructure.
TPRM report: https://www.rankiteo.com/company/advantive-software
"id": "adv959031125",
"linkid": "advantive-software",
"type": "Vulnerability",
"date": "6/2010",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Logistics',
                        'name': 'Advantive',
                        'type': 'Company'}],
 'attack_vector': ['File Upload Vulnerability', 'SQL Injection'],
 'data_breach': {'data_exfiltration': True,
                 'type_of_data_compromised': 'Sensitive Data'},
 'date_publicly_disclosed': 'March 2025',
 'description': "Advantive's VeraCore warehouse management software has "
                'suffered a security breach due to the exploitation of two '
                'critical vulnerabilities by the XE Group, a threat actor '
                'active since 2010. CVE-2024-57968, a severe file upload '
                'vulnerability, has been patched, but CVE-2025-25181, a SQL '
                'injection flaw, remains unpatched as of March 2025. The '
                'exploitation of these vulnerabilities allowed the attackers '
                'to deploy web shells, gain persistent access, and potentially '
                'compromise supply chain security by stealing sensitive data '
                'and causing operational disruptions. The longevity of the '
                'breach, with attackers maintaining access for over four years '
                'in some instances, highlights the significant threat this '
                'incident poses to the logistics sector and critical '
                'infrastructure.',
 'impact': {'data_compromised': 'Sensitive Data',
            'operational_impact': 'Operational Disruptions',
            'systems_affected': 'VeraCore Warehouse Management Software'},
 'initial_access_broker': {'backdoors_established': True,
                           'entry_point': ['File Upload Vulnerability',
                                           'SQL Injection'],
                           'high_value_targets': 'Supply Chain Security'},
 'motivation': 'Data Theft, Operational Disruption',
 'post_incident_analysis': {'root_causes': ['File Upload Vulnerability',
                                            'SQL Injection']},
 'threat_actor': 'XE Group',
 'title': 'Advantive VeraCore Warehouse Management Software Breach',
 'type': 'Security Breach',
 'vulnerability_exploited': ['CVE-2024-57968', 'CVE-2025-25181']}