

ICS: Multiple Delta Electronics ISPSoft Vulnerabilities
May 1, 2025
MedusaLocker Ransomware – Active IOCs
May 1, 2025
Severity
High
Analysis Summary
CVE-2025-4140 CVSS:8.8
A vulnerability classified as critical has been found in Netgear EX6200 firmware 1.0.3.94. It affects the function sub_30394: manipulating the argument host leads to a buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-4141 CVSS:8.8
A vulnerability classified as critical was found in Netgear EX6200 firmware 1.0.3.94. It affects the function sub_3C03C: manipulating the argument host leads to a buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-4142 CVSS:8.8
A vulnerability classified as critical has been found in Netgear EX6200 firmware 1.0.3.94. It affects the function sub_3C8EC: manipulating the argument host leads to a buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-4149 CVSS:8.8
A vulnerability classified as critical was found in Netgear EX6200 firmware 1.0.3.94. It affects the function sub_54014: manipulating the argument host leads to a buffer overflow. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-4148 CVSS:8.8
A vulnerability was found in Netgear EX6200 firmware 1.0.3.94. It affects the function sub_503FC: manipulating the argument host leads to a buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-4146 CVSS:8.8
A vulnerability classified as critical was found in Netgear EX6200 firmware 1.0.3.94. It affects the function sub_41940: manipulating the argument host leads to a buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-4147 CVSS:8.8
A vulnerability classified as critical has been found in Netgear EX6200 firmware 1.0.3.94. It affects the function sub_47F7C: manipulating the argument host leads to a buffer overflow. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Impact
- Buffer Overflow
Indicators of Compromise
CVE
CVE-2025-4140
CVE-2025-4141
CVE-2025-4142
CVE-2025-4149
CVE-2025-4148
CVE-2025-4147
CVE-2025-4146
Affected Vendors
- NETGEAR
Affected Products
- Netgear EX6200 Firmware - 1.0.3.94
Remediation
Refer to the NETGEAR Security Advisory for patch, upgrade, or suggested workaround information.