Urgent Threat Alert: Increased Risk of Cyberattacks Targeting Pakistan in the Wake of Recent India-Pakistan Tensions
May 7, 2025Tinba aka TinyBanker Trojan – Active IOCs
May 7, 2025Urgent Threat Alert: Increased Risk of Cyberattacks Targeting Pakistan in the Wake of Recent India-Pakistan Tensions
May 7, 2025Tinba aka TinyBanker Trojan – Active IOCs
May 7, 2025Severity
Medium
Analysis Summary
CVE-2025-25014 CVSS:9.1
A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints.
CVE-2025-37730 CVSS:6.5
Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM) attack in “client” mode, as hostname verification in TCP output was not being performed when the ssl_verification_mode => full was set.
Impact
- Gain Access
- Code Execution
Indicators of Compromise
CVE
CVE-2025-25014
CVE-2025-37730
Affected Vendors
- Elastic
Affected Products
- Elastic Kibana - 8.3.0 - 8.18.0 - 9.0.0
- Elastic Logstash - 8.0.0 - 8.18.0 - 9.0.0
Remediation
Refer to Elastic Security Advisory for patch, upgrade, or suggested workaround information.