|
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs. New content is now available at the Threat Management Center (TMC). |
| |
|
System Requirements |
The 3.2.0 DV is supported on devices running TOS 5.x and earlier.
The 4.0.0 DV is supported on devices running TOS 6.x or higher, as
well as vTPS. Please note that vTPS does not currently support pre-disclosed ZDI filters.
|
| |
|
The Digital Vaccine can be manually downloaded from the following URLs:
|
New Filters:
46395: HTTP: Netgate pfSense Dashboard Widgets widgetkey XML Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an XML injection vulnerability in Netgate pfSense.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-54779 CVSS 7.3
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 16, 2025
46396: SNMP: Cisco Authframework OID Get-Request Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Moderate
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Cisco.
- Deployment: Not enabled by default in any deployment.
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: SNMP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 16, 2025
46397: HTTP: Advantech iView NetworkServlet getNextTrapPage SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Advantech iView.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-53475 CVSS 7.7
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 16, 2025
46398: HTTP: WordPress Everest Forms Plugin Unrestricted File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an unrestricted file upload vulnerability in WordPress Everest Forms Plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-1128 CVSS 8.5
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 16, 2025
46399: HTTP: Apache OFBiz Scrum Plugin Argument Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an argument injection vulnerability in Apache OFBiz.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-54466 CVSS 8.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 16, 2025
46401: ZDI-CAN-27998: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46402: ZDI-CAN-27974: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46403: ZDI-CAN-27973: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46404: ZDI-CAN-27960: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46405: ZDI-CAN-27963: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46406: ZDI-CAN-27972: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46407: ZDI-CAN-27971: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46408: ZDI-CAN-27970: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46409: ZDI-CAN-27965: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46410: ZDI-CAN-27967: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46411: ZDI-CAN-27966: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46412: ZDI-CAN-27964: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46413: ZDI-CAN-27961: Zero Day Initiative Vulnerability (Autodesk AutoCAD)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Autodesk AutoCAD.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46426: ZDI-CAN-27634: Zero Day Initiative Vulnerability(Hewlett Packard Enterprise Autopass License Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise Autopass License Server.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Deployment: Evaluation (Permit / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46427: HTTP: F5 BIG-IP Suspicious iControl Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects a suspicious request in F5 BIG-IP.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2022-41622
- Classification: Vulnerability - Other
- Protocol: TCP (Generic)
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46428: HTTP: Lilin DVR Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in various Lilin DVRs.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: September 16, 2025
46430: HTTP: Nessus Directory Traversal Scanning
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Reconnaissance
- Severity: Moderate
- Description: This filter detects traffic associated with a Nessus Vulnerability Scan.
- Deployment: Not enabled by default in any deployment.
- Classification: Reconnaissance / Suspicious Access - Suspicious Service Request
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: September 16, 2025
46432: ZDI-CAN-27949: Zero Day Initiative Vulnerability (Red Hat Ansible)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Red Hat Ansible.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46433: ZDI-CAN-27352: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Monitouch V-SFT.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46434: ZDI-CAN-27350: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Monitouch V-SFT.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46435: ZDI-CAN-27957,27958: Zero Day Initiative Vulnerability (GPT Academic)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting GPT Academic.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46439: ZDI-CAN-27956: Zero Day Initiative Vulnerability (GPT Academic)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting GPT Academic.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 16, 2025
46440: HTTP: Adobe Coldfusion RSS Feed Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Adobe ColdFusion.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-54261
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: September 16, 2025
46441: HTTP: FreePBX Unsanitized Endpoints SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in FreePBX web-based graphical user interface.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-57819 CVSS 10.0
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 16, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
33530: HTTP: Adobe BlazeDS Entity Injection Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: November 20, 2018
- Last Modified Date: September 16, 2025
* 44385: HTTP: Ivanti Endpoint Manager DBDR SQL Injection Vulnerability (ZDI-24-1498,ZDI-24-1499,ZDI-24-1500)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: June 18, 2024
- Last Modified Date: September 16, 2025
45958: HTTP: Delta Electronics ISPSoft ISP File Parsing Memory Corruption Vulnerability (ZDI-25-877)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45958: ZDI-CAN-25875: Zero Day Initiative Vulnerability (Delta Electronics ISPSoft)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 10, 2025
- Last Modified Date: September 16, 2025
46323: HTTP: Coder code-server proxy Unintended Proxy Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 26, 2025
- Last Modified Date: September 16, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
45867: HTTP: Siemens Simcenter Femap NEU File Parsing Type Confusion Vulnerability (ZDI-25-875)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45867: ZDI-CAN-26747: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 13, 2025
- Last Modified Date: September 16, 2025
45868: HTTP: Siemens Simcenter Femap NEU File Parsing Type Confusion Vulnerability (ZDI-25-876)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45868: ZDI-CAN-26744: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 13, 2025
- Last Modified Date: September 16, 2025
45870: HTTP: Siemens Simcenter Femap NEU File Parsing Type Confusion Vulnerability (ZDI-25-874)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45870: ZDI-CAN-26748: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 13, 2025
- Last Modified Date: September 16, 2025
Removed Filters: None
|
