Table of Contents
--------------------------
  New Filters - 13
  Modified Filters (logic changes) - 12
  Modified Filters (metadata changes only) - 1
  Removed Filters - 0

  New Filters:

    46162: HTTP: NI FlexLogger usiReg URI File Parsing Directory Traversal Vulnerability (ZDI-25-146)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in NI FlexLogger.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-2449 CVSS 8.1
        - Zero Day Initiative: ZDI-25-146
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: July 22, 2025

    46173: HTTP: Adobe Commerce and Magento InputParamsResolver Improper Authorization Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an improper authorization vulnerability in Adobe Commerce and Magento.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-24434 CVSS 8.2
      - Classification: Vulnerability - Access Validation
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 22, 2025

    46196: HTTP: SonicWall SMA100 importlogo Directory Traversal Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in SonicWall SMA100.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-32821 CVSS 8.2
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Networked Hardware Device Application or Service
      - Release Date: July 22, 2025

    46198: ZDI-CAN-27348: Zero Day Initiative Vulnerability (Apple macOS)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Apple macOS.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: July 22, 2025

    46199: ZDI-CAN-27467: Zero Day Initiative Vulnerability (Dassault Systemes eDrawings Viewer)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Dassault Systemes eDrawings Viewer.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: July 22, 2025

    46200: HTTP: OpenEMR Patient Image Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in OpenEMR.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-31121 CVSS 8.1
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 22, 2025

    46201: HTTP: WinZip 7Z File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-047)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an out-of-bounds write vulnerability in WinZip.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-1240 CVSS 7.7
        - Zero Day Initiative: ZDI-25-047
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Client Application
      - Release Date: July 22, 2025

    46203: TCP: Veeam Backup and Replication DataTable Insecure Deserialization Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Veeam Backup and Replication.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-23121
      - Classification: Vulnerability - Other
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 22, 2025

    46204: ZDI-CAN-27376: Zero Day Initiative Vulnerability (Schneider Electric PowerChute Serial Shutdown)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Schneider Electric PowerChute Serial Shutdown.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Evaluation (Permit / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: July 22, 2025

    46205: TCP: Veeam Backup and Replication DataTable Encrypted Insecure Deserialization Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Veeam Backup and Replication.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-23121
      - Classification: Vulnerability - Other
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 22, 2025

    46217: HTTP: JSONPath-plus Remote Code Execution Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a remote code execution vulnerability in JSONPath-plus.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-1302
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Windows Client Application
      - Release Date: July 22, 2025

    46218: HTTP: Cisco Identity Services Engine (ISE) ERS Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Cisco Identity Services Engine (ISE).
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-20281
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 22, 2025

    46219: HTTP: Wing FTP Server Code Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code injection vulnerability in Wing FTP Server.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-47812
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: July 22, 2025

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 43256: HTTP: Foxit Reader and PhantomPDF ConvertToPDF Integer Overflow Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Detection logic updated.
      - Release Date: September 19, 2023
      - Last Modified Date: July 22, 2025

    45626: HTTP: INVT HMITool VPM File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-474)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45626: ZDI-CAN-25044: Zero Day Initiative Vulnerability (INVT HMITool)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 01, 2025
      - Last Modified Date: July 22, 2025

    45627: HTTP: INVT HMITool VPM File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-475)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45627: ZDI-CAN-25045: Zero Day Initiative Vulnerability (INVT HMITool)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 01, 2025
      - Last Modified Date: July 22, 2025

    45628: HTTP: INVT HMITool VPM File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-476)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45628: ZDI-CAN-25047: Zero Day Initiative Vulnerability (INVT HMITool)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 01, 2025
      - Last Modified Date: July 22, 2025

    45629: HTTP: INVT HMITool VPM File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-477)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45629: ZDI-CAN-25048: Zero Day Initiative Vulnerability (INVT HMITool)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 01, 2025
      - Last Modified Date: July 22, 2025

    45630: HTTP: INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-478)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45630: ZDI-CAN-25550: Zero Day Initiative Vulnerability (INVT VT-Designer)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 01, 2025
      - Last Modified Date: July 22, 2025

    45631: HTTP: INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-479)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45631: ZDI-CAN-25571: Zero Day Initiative Vulnerability (INVT VT-Designer)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 01, 2025
      - Last Modified Date: July 22, 2025

    45632: HTTP: INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-480)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45632: ZDI-CAN-25722: Zero Day Initiative Vulnerability (INVT VT-Designer)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 01, 2025
      - Last Modified Date: July 22, 2025

    45633: HTTP: INVT VT-Designer PM3 File Parsing Type Confusion Vulnerability (ZDI-25-481)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45633: ZDI-CAN-25723: Zero Day Initiative Vulnerability (INVT VT-Designer)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 01, 2025
      - Last Modified Date: July 22, 2025

    45634: HTTP: INVT VT-Designer PM3 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-25-482)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45634: ZDI-CAN-25724: Zero Day Initiative Vulnerability (INVT VT-Designer)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: April 01, 2025
      - Last Modified Date: July 22, 2025

    * 45905: HTTP: Microsoft SharePoint ToolPane Authentication Bypass Vulnerability (Pwn2Own ZDI-25-580)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45905: PWN2OWN ZDI-CAN-27162: Zero Day Initiative Vulnerability (Microsoft SharePoint)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 20, 2025
      - Last Modified Date: July 22, 2025

    * 45906: HTTP: Microsoft SharePoint DataSetSurrogate Insecure Deserialization Vulnerability (ZDI-25-581)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45906: PWN2OWN ZDI-CAN-27247: Zero Day Initiative Vulnerability (Microsoft SharePoint)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 20, 2025
      - Last Modified Date: July 22, 2025

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    * 46160: HTTP: Microsoft SharePoint ToolPane Authentication Bypass Vulnerability (Pwn2Own ZDI-25-580)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "46160: HTTP: Microsoft SharePoint Insecure Deserialization Vulnerability (Pwn2Own ZDI-25-581)".
      - Description updated.
      - Release Date: July 08, 2025
      - Last Modified Date: July 22, 2025

  Removed Filters: None