AsyncRAT – Active IOCs

April 24, 2025

Multiple Dell ECS Vulnerabilities

April 24, 2025

Multiple IBM Infosphere Information Server Vulnerabilities

April 24, 2025

Severity

Medium

Analysis Summary

CVE-2025-25046 CVSS:3.7

IBM InfoSphere Information Server DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man-in-the-middle techniques.

CVE-2025-25045 CVSS:4.3

A vulnerability exists in IBM InfoSphere Information Server where an authenticated user can access sensitive details through detailed technical error messages. These error responses potentially expose information that could be leveraged for subsequent system attacks.

CVE-2024-22351 CVSS:6.3

IBM InfoSphere Information Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

Impact

Gain Access
Information Disclosure

Indicators of Compromise

CVE

CVE-2025-25045
CVE-2025-25046
CVE-2024-22351

Affected Vendors

Affected Products

IBM InfoSphere Information Server - 11.7

Remediation

Refer to IBM Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2025-25045

CVE-2025-25046

CVE-2024-22351

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Python RAT Uses Discord Interface to Execute Remote Attacks

Critical Alert: Jordanian Banks Under Siege by Everest Ransomware Group

The SocGholish-RansomHub Connection – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

AsyncRAT – Active IOCs

Multiple Dell ECS Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.