HKCERT Infosec Express — Alert and Blog Channel Major Information Security News
- ASUS Router Multiple Vulnerabilities on November 26, 2025 at 1:00 am
  Multiple vulnerabilities were identified in ASUS Router. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, elevation of privilege, sensitive information disclosure, data manipulation, and security restriction bypass on the targeted system.
  Impact: Denial of Service, Remote Code Execution, Data Manipulation, Information Disclosure, Security Restriction Bypass, Elevation of Privilege
  System / Technologies affected:
    - Series prior to 3.0.0.4_386
    - Series prior to 3.0.0.4_388
    - Series prior to 3.0.0.6_102
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
    - 3.0.0.4_386 or later series
    - 3.0.0.4_388 or later series
    - 3.0.0.6_102 or later series
- SonicWall Products Multiple Vulnerabilities on November 21, 2025 at 1:00 am
  Multiple vulnerabilities were identified in SonicWall Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure and data manipulation on the targeted system.
  Impact: Remote Code Execution, Denial of Service, Information Disclosure, Data Manipulation
  System / Technologies affected:
    - Email Security (ES Appliance 5000, 5050, 7000, 7050, 9000, VMware and Hyper-V) 10.0.33.8195 and earlier versions
    - Gen7 hardware Firewalls (TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700, NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700) 7.3.0-7012 and older versions
    - Gen7 virtual Firewalls (NSv270, NSv470, NSv870 for ESX, KVM, Hyper-V, AWS, Azure) 7.3.0-7012 and older versions
    - Gen8 Firewalls (TZ80, TZ280, TZ380, TZ480, TZ580, TZ680, NSa 2800, NSa 3800, NSa 4800, NSa 5800) 8.0.2-8011 and older versions
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
    - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0016
    - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0018
- WhatsApp Security Restriction Bypass Vulnerability on November 20, 2025 at 1:00 am
  A vulnerability has been identified in WhatsApp. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.
  Impact: Security Restriction Bypass
  System / Technologies affected:
    - WhatsApp for iOS prior to v2.25.23.73
    - WhatsApp Business for iOS v2.25.23.82
    - WhatsApp for Mac v2.25.23.83
  Solutions: Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor: https://www.whatsapp.com/security/advisories/2025
- Aruba Products Multiple Vulnerabilities on November 20, 2025 at 1:00 am
  Multiple vulnerabilities were identified in Aruba Products. A remote attacker could exploit these vulnerabilities to trigger denial of service condition, security restriction bypass, sensitive information disclosure, data manipulation and remote code execution on the targeted system.
  Impact: Remote Code Execution, Data Manipulation, Information Disclosure, Security Restriction Bypass, Denial of Service
  System / Technologies affected:
    - HPE Aruba Networking AOS-CX Software Version(s):
      - AOS-CX 10.16.xxxx: 10.16.1000 and below
      - AOS-CX 10.15.xxxx: 10.15.1020 and below
      - AOS-CX 10.14.xxxx: 10.14.1050 and below
      - AOS-CX 10.13.xxxx: 10.13.1090 and below
      - AOS-CX 10.10.xxxx: 10.10.1160 and below
    - HPE Aruba Networking 100 Series Cellular Bridge Version(s):
      - AOS-10.7.1.x: 10.7.1.1 and below
    - HPE Aruba Networking Management Software (AirWave): 8.3.0.4 and below
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
    - https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04971en_us&docLocale=en_US
    - https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04970en_us&docLocale=en_US
    - https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04888en_us&docLocale=en_US
- Fortinet Products Multiple Vulnerabilities on November 19, 2025 at 3:00 am
  Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure and elevation of privilege on the targeted system. Note: CVE-2025-58034 is being exploited in the wild. This…
  Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure
  System / Technologies affected:
    - FortiOS
      - FortiOS 6.0 all versions
      - FortiOS 6.2 all versions
      - FortiOS 6.4 all versions
      - FortiOS 7.0 all versions
      - FortiOS 7.2 all versions
      - FortiOS 7.4 all versions
      - FortiOS 7.4.0 through 7.4.8
      - FortiOS 7.6.0 through 7.6.3
    - FortiProxy
      - FortiProxy 7.0 all versions
      - FortiProxy 7.2 all versions
      - FortiProxy 7.4 all versions
      - FortiProxy 7.6.0 through 7.6.3
    - FortiWeb
      - FortiWeb 7.0 all versions
      - FortiWeb 7.0.0 through 7.0.11
      - FortiWeb 7.2 all versions
      - FortiWeb 7.2.0 through 7.2.11
      - FortiWeb 7.4 all versions
      - FortiWeb 7.4.0 through 7.4.10
      - FortiWeb 7.6.0 through 7.6.5
      - FortiWeb 8.0.0 through 8.0.1
    - FortiMail
      - FortiMail 7.0 all versions
      - FortiMail 7.2 all versions
      - FortiMail 7.4.0 through 7.4.5
      - FortiMail 7.6.0 through 7.6.3
    - FortiClientWindows
      - FortiClientWindows 7.0 all versions
      - FortiClientWindows 7.2.0 through 7.2.10
      - FortiClientWindows 7.4.0 through 7.4.3
    - FortiSASE
      - FortiSASE 25.3.b
    - FortiPAM
      - FortiPAM 1.0 all versions
      - FortiPAM 1.1 all versions
      - FortiPAM 1.2 all versions
      - FortiPAM 1.3 all versions
      - FortiPAM 1.4 all versions
      - FortiPAM 1.5 all versions
      - FortiPAM 1.6.0
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
    - https://fortiguard.fortinet.com/psirt/FG-IR-25-112
    - https://fortiguard.fortinet.com/psirt/FG-IR-25-125
    - https://fortiguard.fortinet.com/psirt/FG-IR-25-358
    - https://fortiguard.fortinet.com/psirt/FG-IR-25-513
    - https://fortiguard.fortinet.com/psirt/FG-IR-25-545
    - https://fortiguard.fortinet.com/psirt/FG-IR-25-632
    - https://fortiguard.fortinet.com/psirt/FG-IR-25-634
    - https://fortiguard.fortinet.com/psirt/FG-IR-25-843
    - https://fortiguard.fortinet.com/psirt/FG-IR-25-844
- Microsoft Edge Multiple Vulnerabilities on November 19, 2025 at 1:00 am
  Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution on the targeted system. Note: CVE-2025-13223 is being exploited in the wild. The vulnerability is caused by a type confusion weakness…
  Impact: Remote Code Execution
  System / Technologies affected: Microsoft Edge version prior to 142.0.3595.90
  Solutions: Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor: Update to version 142.0.3595.90 or later
- Mozilla Thunderbird Multiple Vulnerabilities on November 18, 2025 at 1:00 am
  Multiple vulnerabilities were identified in Mozilla Thunderbird. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution and security restriction bypass on the targeted system.
  Impact: Denial of Service, Remote Code Execution, Spoofing, Security Restriction Bypass
  System / Technologies affected: Versions prior to:
    - Thunderbird 145
    - Thunderbird 140.5
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
    - Thunderbird 145
    - Thunderbird 140.5
- Google Chrome Multiple Vulnerabilities on November 18, 2025 at 1:00 am
  Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution on the targeted system. Note: CVE-2025-13223 is being exploited in the wild. The vulnerability is caused by a type confusion weakness…
  Impact: Remote Code Execution
  System / Technologies affected:
    - Google Chrome prior to 142.0.7444.175 (Linux)
    - Google Chrome prior to 142.0.7444.176 (Mac)
    - Google Chrome prior to 142.0.7444.175/.176 (Windows)
  Solutions: Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor:
    - Update to version 142.0.7444.175 (Linux) or later
    - Update to version 142.0.7444.176 (Mac) or later
    - Update to version 142.0.7444.175/.176 (Windows) or later
- Fortinet FortiWeb Remote Code Execution Vulnerability on November 17, 2025 at 1:00 am
  A vulnerability was identified in Fortinet FortiWeb. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system. Note: CVE-2025-64446 is being exploited in the wild. This relative path traversal vulnerability in FortiWeb may allow an…
  Impact: Remote Code Execution
  System / Technologies affected:
    - FortiWeb
      - FortiWeb 7.0.0 through 7.0.11
      - FortiWeb 7.2.0 through 7.2.11
      - FortiWeb 7.4.0 through 7.4.9
      - FortiWeb 7.6.0 through 7.6.4
      - FortiWeb 8.0.0 through 8.0.1
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://fortiguard.fortinet.com/psirt/FG-IR-25-910
- ASUS Router Security Restriction Bypass Vulnerability on November 17, 2025 at 1:00 am
  A vulnerability has been identified in ASUS Router. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.
  Impact: Security Restriction Bypass
  System / Technologies affected:
    - DSL-AC51: versions prior to 1.1.2.3_1010
    - DSL-N16: versions prior to 1.1.2.3_1010
    - DSL-AC750: versions prior to 1.1.2.3_1010
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
    - DSL-AC51: 1.1.2.3_1010 or later version
    - DSL-N16: 1.1.2.3_1010 or later version
    - DSL-AC750: 1.1.2.3_1010 or later version
- Phishing Alert – Beware of Fake “eTraffic Ticket Platform” and “HKeToll” Websites Requesting Personal Information on November 14, 2025 at 1:00 am
  Solutions: HKCERT urges the public to increase their awareness of cybersecurity and recommends that Internet users should:
    - If you have provided personal information to these websites, call 18222 to contact the Anti-Deception Coordination Centre of the Hong Kong Police Force. For inquiries about the eTraffic Ticket Platform, call 181 181. For inquiries about HKeToll, call 3853 7333.
    - Check the URL: The URL of a phishing website is usually similar to the real website, but there will be slight differences, such as misspellings or using a different domain name. Users should double check the URL to ensure it is correct.
    - Avoid clicking on unknown links: Don’t click on random links from unknown sources, especially links you receive in email or on social media. Do not log in to unknown websites, or provide personal information.
    - Pay attention to security certificates: Although phishing websites can also use the HTTPS protocol, users should still check the security lock symbol in the browser address bar and ensure that the certificate information matches the website.
    - Watch out for suspicious content: Phishing websites may contain misspellings, grammatical errors, or inconsistent design elements. These are potential warning signs.
    - Use anti-phishing tools: Use the free search engine “Scameter” of Cyberdefender.hk to identify fraud and network traps by checking website addresses and IP addresses.
    - Implement SMS spam blocking on devices: For Android phones, go to Settings > SMS Spam Recognition. For iOS phones, go to Settings > Messages > Unknown & Spam.
    - Update software regularly: Ensure operating systems and applications are kept up to date to prevent known vulnerabilities from being exploited.
    - Enable multi-factor authentication: Enable multi-factor authentication for important accounts to add an extra layer of security.
    - Education and training: Companies should provide regular cybersecurity training to employees to improve their awareness of prevention.
    - Monitor account activity: Regularly check the activity of bank accounts and other important accounts to detect suspicious behavior early.
    - Back up important data: Back up important data regularly to prevent data loss due to phishing attacks or other cyber threats.
  Businesses or members of the public who wish to report to HKCERT on information security related incidents such as malware, phishing, denial of service attacks, etc. can do so by completing the online form at https://www.hkcert.org/incident-reporting, or calling the 24-hour hotline at +852 8105 6060. For further enquiries, please contact HKCERT at hkcert@hkcert.org.
- Microsoft Edge Remote Code Execution Vulnerability on November 14, 2025 at 1:00 am
  A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger denial of service condition and remote code execution on the targeted system.
  Impact: Remote Code Execution, Denial of Service
  System / Technologies affected: Microsoft Edge version prior to 142.0.3595.80
  Solutions: Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor: Update to version 142.0.3595.80 or later
- Mozilla Firefox Multiple Vulnerabilities on November 13, 2025 at 3:00 am
  Multiple vulnerabilities were identified in Mozilla Firefox. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing, remote code execution and security restriction bypass on the targeted system.
  Impact: Denial of Service, Remote Code Execution, Spoofing, Security Restriction Bypass
  System / Technologies affected: Versions prior to:
    - Firefox ESR 115.30
    - Firefox ESR 140.5
    - Firefox 145
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
    - Firefox ESR 115.30
    - Firefox ESR 140.5
    - Firefox 145
- GitLab Multiple Vulnerabilities on November 13, 2025 at 3:00 am
  Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, elevation of privilege, denial of service condition, sensitive information disclosure and security restriction bypass on the targeted system.
  Impact: Denial of Service, Security Restriction Bypass, Information Disclosure, Elevation of Privilege, Cross-Site Scripting
  System / Technologies affected:
    - GitLab Community Edition (CE) versions prior to 18.5.2, 18.4.4, 18.3.6
    - GitLab Enterprise Edition (EE) versions prior to 18.5.2, 18.4.4, 18.3.6
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://about.gitlab.com/releases/2025/11/12/patch-release-gitlab-18-5-2-released/
- ChromeOS Multiple Vulnerabilities on November 13, 2025 at 3:00 am
  Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, remote code execution, denial of service condition and sensitive information disclosure on the targeted system.
  Impact: Remote Code Execution, Denial of Service, Information Disclosure, Security Restriction Bypass
  System / Technologies affected: ChromeOS versions prior to 16433.41.0 (Browser version 142.0.7444.147)
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor. For detail, please refer to the link below: https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-chromeos.html
- Apache OpenOffice Multiple Vulnerabilities on November 13, 2025 at 3:00 am
  Multiple vulnerabilities were identified in Apache OpenOffice. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, spoofing and sensitive information disclosure on the targeted system.
  Impact: Denial of Service, Spoofing, Information Disclosure
  System / Technologies affected: Apache OpenOffice versions prior to 4.1.16
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://www.openoffice.org/security/bulletin.html
- Palo Alto PAN-OS Denial Of Service Vulnerability on November 12, 2025 at 4:00 pm
  A vulnerability was identified in Palo Alto PAN-OS. A remote attacker can exploit this vulnerability to trigger denial of service condition on the targeted system.
  Impact: Denial of Service
  System / Technologies affected:
    - PAN-OS 10.2 versions >= 10.2.4-h25, >= 10.2.7-h11, < 10.2.7-h24, >= 10.2.8-h10, < 10.2.8-h21, >= 10.2.9-h6, < 10.2.9-h21, >= 10.2.10-h2, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3, < 10.2.14
    - PAN-OS 11.1 versions >= 11.1.2-h9, < 11.1.2-h18, >= 11.1.3-h2, >= 11.1.4-h4, < 11.1.4-h13, < 11.1.6-h1, < 11.1.7
    - PAN-OS 11.2 versions < 11.2.2-h2, < 11.2.3-h6, < 11.2.4-h4, < 11.2.5
    - PAN-OS Prisma Access versions >= 10.2.4-h25, < 10.2.10-h14, < 11.2.4-h4
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor. For detail, please refer to the link below: https://security.paloaltonetworks.com/CVE-2025-4619
- Google Chrome Remote Code Execution Vulnerability on November 12, 2025 at 1:00 am
  A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger denial of service condition and remote code execution on the targeted system.
  [Updated on 2025-11-13] Updated System / Technologies affected, Solutions and Related Links.
  Impact: Remote Code Execution, Denial of Service
  System / Technologies affected:
    - Google Chrome prior to 142.0.7444.162 (Linux)
    - Google Chrome prior to 142.0.7444.162 (Mac)
    - Google Chrome prior to 142.0.7444.162/.163 (Windows)
    - Google Chrome prior to 142.0.7444.158 (Android)
  Solutions: Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor:
    - Update to version 142.0.7444.162 (Linux) or later
    - Update to version 142.0.7444.162 (Mac) or later
    - Update to version 142.0.7444.162/.163 (Windows) or later
    - Update to version 142.0.7444.158 (Android) or later
- GitHub Enterprise Server Multiple Vulnerabilities on November 12, 2025 at 1:00 am
  Multiple vulnerabilities were identified in GitHub Enterprise Server. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, remote code execution and cross-site scripting on the targeted system. Note: Proof of Concept exploit code is publicly available for CVE-…
  Impact: Remote Code Execution, Elevation of Privilege, Cross-Site Scripting
  System / Technologies affected: GitHub Enterprise Server versions prior to 3.18.1
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: Update to GitHub Enterprise Server versions 3.18.1
- Adobe Monthly Security Update (November 2025) on November 12, 2025 at 1:00 am
  Adobe has released monthly security update for their products:

  | Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
  | --- | --- | --- | --- | --- |
  | Adobe InDesign | Medium Risk | Remote Code Execution | | APSB25-106 |
  | Adobe InCopy | Medium Risk | Remote Code Execution | | APSB25… |

  Impact: Remote Code Execution, Security Restriction Bypass, Information Disclosure
  System / Technologies affected:
    - Adobe InDesign ID20.5 and earlier versions
    - Adobe InDesign ID19.5.5 and earlier versions
    - Adobe InCopy 20.5 and earlier versions
    - Adobe InCopy 19.5.5 and earlier versions
    - Illustrator 2025 29.8.2 and earlier versions
    - Illustrator 2024 28.7.10 and earlier versions
    - Adobe Illustrator on iPad 3.0.9 and earlier versions
    - Adobe Pass Authentication Android SDK 3.7.3 and earlier versions
    - Adobe Substance 3D Stager 3.1.5 and earlier versions
    - Adobe Format Plugins 1.1.1 and earlier versions
    - Photoshop 2025 26.8.1 and earlier versions
  Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor. Please refer to ‘Details’ column in the above table for details of individual product update or run software update.




