Multiple Elastic Kibana and Logstash Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2025-25014 CVSS:9.1

A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints.

CVE-2025-37730 CVSS:6.5

Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM) attack in “client” mode, as hostname verification in TCP output was not being performed when the ssl_verification_mode => full was set.

Impact

Gain Access
Code Execution

Indicators of Compromise

CVE

CVE-2025-25014
CVE-2025-37730

Affected Vendors

Elastic

Affected Products

Elastic Kibana - 8.3.0 - 8.18.0 - 9.0.0
Elastic Logstash - 8.0.0 - 8.18.0 - 9.0.0

Remediation

Refer to Elastic Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2025-25014

CVE-2025-37730

Urgent Threat Alert: Increased Risk of Cyberattacks Targeting Pakistan in the Wake of Recent India-Pakistan Tensions

Tinba aka TinyBanker Trojan – Active IOCs

Multiple Elastic Kibana and Logstash Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan