MassLogger Malware – Active IOCs

April 9, 2025

Multiple Elastic Products Vulnerabilities

April 9, 2025

Multiple Dell Products Vulnerabilities

April 9, 2025

Severity

Medium

Analysis Summary

CVE-2025-27686 CVSS:2.7

Dell Unisphere for PowerMax and PowerMax versions before 10.2.0.9 and 9.2.4.15 have a serious security weakness in their LDAP query handling. This vulnerability allows a high-privileged remote attacker to potentially perform script injection by improperly neutralizing special elements in an LDAP query. The flaw could enable an attacker to manipulate LDAP queries in a way that compromises the system's security, potentially granting unauthorized access or executing malicious scripts.

CVE-2025-29988 CVSS:6.9

Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

Impact

Gain Access
Code Execution

Indicators of Compromise

CVE

CVE-2025-27686
CVE-2025-29988

Affected Vendors

Dell

Affected Products

Dell Client Platform BIOS
Dell Unisphere for Powermax

Remediation

Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2025-27686

CVE-2025-29988

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

MassLogger Malware – Active IOCs

Multiple Elastic Products Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation