Security News > 2025 > February > MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
2025-02-28 14:44
Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the MITRE ATT&CK framework and is used by cybersecurity teams for adversary emulation, to evaluate detections and defensive tools, train red and blue teamers, testing cyber ranges, and so on. It consists of a core system (including a … More → The post MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) appeared first on Help Net Security.
News URL
Related news
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation (source)
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
- SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability (source)
- Lightning AI Studio Vulnerability Could've Allowed RCE via Hidden URL Parameter (source)
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) (source)
- PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) (source)