Vulnerability cyber

Advantive

Mar 11, 2025 1 min read
Advantive

Advantive's VeraCore warehouse management software has suffered a security breach due to the exploitation of two critical vulnerabilities by the XE Group, a threat actor active since 2010. CVE-2024-57968, a severe file upload vulnerability, has been patched, but CVE-2025-25181, a SQL injection flaw, remains unpatched as of March 2025. The exploitation of these vulnerabilities allowed the attackers to deploy web shells, gain persistent access, and potentially compromise supply chain security by stealing sensitive data and causing operational disruptions. The longevity of the breach, with attackers maintaining access for over four years in some instances, highlights the significant threat this incident poses to the logistics sector and critical infrastructure.

Source: https://cybersecuritynews.com/cisa-adds-2-veracore-vulnerabilities-to-known-actively-exploit-vulnerability-catalog/

"id": "adv959031125",
"linkid": "advantive-software",
"type": "Vulnerability",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.