ICS: Multiple Delta Electronics ISPSoft Vulnerabilities

May 1, 2025

MedusaLocker Ransomware – Active IOCs

May 1, 2025

Multiple Netgear Ex6200 Firmware Vulnerabilities

May 1, 2025

Severity

High

Analysis Summary

CVE-2025-4140 CVSS:8.8

A vulnerability, which was classified as critical, has been found in Netgear. Affected by this issue is the function sub_30394. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4141 CVSS:8.8

A vulnerability, which was classified as critical, was found in Netgear. This affects the function sub_3C03C. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4142 CVSS:8.8

A vulnerability has been found in Netgear and classified as critical. This vulnerability affects the function sub_3C8EC. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4149 CVSS:8.8

A vulnerability was found in Netgear. It has been classified as critical. This affects the function sub_54014. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4148 CVSS:8.8

A vulnerability was found in Netgear. Affected by this issue is the function sub_503FC. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4146 CVSS:8.8

A vulnerability, which was classified as critical, was found in Netgear. Affected is the function sub_41940. The manipulation of the argument host leads to buffer overflow. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4147 CVSS:8.8

A vulnerability has been found in Netgear and classified as critical. Affected by this vulnerability is the function sub_47F7C. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Impact

Buffer Overflow

Indicators of Compromise

CVE

CVE-2025-4140
CVE-2025-4141
CVE-2025-4142
CVE-2025-4149
CVE-2025-4148
CVE-2025-4147
CVE-2025-4146

Affected Vendors

NETGEAR

Affected Products

Netgear Ex6200 Firmware - 1.0.3.94

Remediation

Refer to NETGEAR Security Advisory for patch, upgrade, or suggested workaround information.

NETGEAR Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

APT41 Abuses Google Calendar to Deploy ToughProgress Malware – Active IOCs

OneDrive Flaw Lets Web Apps Access All Your Files

SideWinder Launches Attacks on South Asia’s Government and Critical Systems

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

ICS: Multiple Delta Electronics ISPSoft Vulnerabilities

MedusaLocker Ransomware – Active IOCs

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.