Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs. New content is now available at the Threat Management Center (TMC).
 
System Requirements
The 3.2.0 DV is supported on devices running TOS 5.x and earlier.
The 4.0.0 DV is supported on devices running TOS 6.x or higher, as well as vTPS. Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
The Digital Vaccine can be manually downloaded from the following URLs:

Table of Contents
--------------------------
  New Filters - 13
  Modified Filters (logic changes) - 3
  Modified Filters (metadata changes only) - 6
  Removed Filters - 0

  New Filters:

    46616: ZDI-CAN-28085: Zero Day Initiative Vulnerability (Netgate pfSense)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Netgate pfSense.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Evaluation (Permit / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46617: HTTP: Microsoft Configuration Manager SyncToken SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a privilege escalation vulnerability in Microsoft Configuration Manager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-55320 CVSS 8.6
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46618: ZDI-CAN-28086: Zero Day Initiative Vulnerability (Netgate pfSense)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Netgate pfSense.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Evaluation (Permit / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46619: ZDI-CAN-28088: Zero Day Initiative Vulnerability (Netgate pfSense)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Netgate pfSense.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Evaluation (Permit / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46625: HTTP: Suspicious Recursive JSON Object in an HTTP Request
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects the use of a large number of recursive objects within an HTTP request.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-57699
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46626: HTTP: Vvveb CMS Theme Editor Code Execution Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code execution vulnerability in Vvveb CMS.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-8518
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46628: HTTP: Apache Kylin updateUserWithoutAuth Authentication Bypass Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Apache Kylin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-61733 CVSS 8.5
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46629: ZDI-CAN-28251,28252,28253: Zero Day Initiative Vulnerability (Hugging Face Transformers)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Hugging Face Transformers.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: November 11, 2025

    46639: HTTP: Nexxt Router Amp300 Firmware Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Nexxt Router Amp300.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2022-44149
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: November 11, 2025

    46640: ZDI-CAN-28212: Zero Day Initiative Vulnerability (Flowise AI)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Flowise AI.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Evaluation (Permit / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46641: HTTP: Suspicious Shell Endpoint Command Usage
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects the usage of OS commands against a generic Shell endpoint.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46642: ZDI-CAN-28387: Zero Day Initiative Vulnerability (CrewAI)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting CrewAI.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Evaluation (Permit / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 11, 2025

    46645: HTTP: CentOS Web Panel filemanager changePerm OS Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in CentOS Web Panel.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-48703
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: November 11, 2025
   


  Modified Filters (logic changes):
    * = Enabled in Default deployments

    45720: HTTP: Heimdall Data Database Proxy Cross-Site Scripting Vulnerability (ZDI-25-980)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45720: ZDI-CAN-24755: Zero Day Initiative Vulnerability (Heimdall Data Database Proxy)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 15, 2025
      - Last Modified Date: November 11, 2025

    45858: HTTP: Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Vulnerability (ZDI-25-954)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45858: ZDI-CAN-26626: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 13, 2025
      - Last Modified Date: November 11, 2025

    46099: HTTP: Ivanti Endpoint Manager MP_QueryDetail2 SQL Injection Vulnerability (ZDI-25-942)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "46099: ZDI-CAN-26864: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 01, 2025
      - Last Modified Date: November 11, 2025



  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    * 44386: HTTP: Ivanti Endpoint Manager MP_VistaReport SQL Injection Vulnerability (ZDI-24-1493,ZDI-25-939)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: June 18, 2024
      - Last Modified Date: November 11, 2025

    * 44394: HTTP: Ivanti Endpoint Manager Report_Run2 SQL Injection Vulnerability (ZDI-24-1496,25-945,25-946)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: June 18, 2024
      - Last Modified Date: November 11, 2025

    * 44487: HTTP: Ivanti Endpoint Manager Report_RunPatch SQL Injection Vulnerability (ZDI-24-1502,25-936,938)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 09, 2024
      - Last Modified Date: November 11, 2025

    46124: HTTP: Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-969)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "46124: ZDI-CAN-26672: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 08, 2025
      - Last Modified Date: November 11, 2025

    46125: HTTP: Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-971)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "46125: ZDI-CAN-26677: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 08, 2025
      - Last Modified Date: November 11, 2025

    46126: HTTP: Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-970)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "46126: ZDI-CAN-26683: Zero Day Initiative Vulnerability (Delta Electronics DIAScreen)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: July 08, 2025
      - Last Modified Date: November 11, 2025


  Removed Filters: None