Rewterz

SideWinder APT Group aka Rattlesnake – Active IOCs

May 27, 2025
Rewterz

CVE-2025-33079 – IBM Controller Vulnerability

May 27, 2025

Multiple Jenkins Docker Images Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2025-32754 CVSS:5.6

Jenkins jenkins/ssh-agent Docker images could allow a remote attacker to access to the network path between the SSH client and SSH build agent to impersonate the latter, caused by the use of same SSH host keys in containers with same version.

CVE-2025-32755 CVSS:5.6

Jenkins jenkins/ssh-slave Docker images could allow a remote attacker to access to the network path between the SSH client and SSH build agent to impersonate the latter, caused by the use of same SSH host keys in containers with same version.

Impact

  • Security Bypass

Indicators of Compromise

CVE

  • CVE-2025-32754

  • CVE-2025-32755

Affected Vendors

  • Jenkins

Affected Products

  • Jenkins ssh-agent Docker images - 6.11.1
  • Jenkins ssh-slave Docker images

Remediation

Upgrade to the latest version of Jenkins, available from the Jenkins Security Advisory.

Jenkins Security Advisory

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.