Advisories, Hacking, News, Threat Research, Vulnerabilities, , , , ,
Cyber Security Advisories

Zero Day Initiative Upcoming Advisories

ZDI: Upcoming Advisories The following is a list of vulnerabilities discovered by Zero Day Initiative researchers that are yet to be publicly disclosed. The affected vendor has been contacted on the specified date and while they work on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by IPS filters delivered ahead of public disclosure. Once the affected vendor patches the vulnerability, we publish an accompanying security advisory which describes the issue, including links to the vendor’s fixes.

  • ZDI-CAN-26524: Allegra
    on April 2, 2025 at 5:00 am

    A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘hoan.pk’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-25730: Allegra
    on April 2, 2025 at 5:00 am

    A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Mo0n Sha\xf0\x9d\x84\x9eow (VNPT Cyber Immunity)’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26275: Schneider Electric
    on April 2, 2025 at 5:00 am

    A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26274: Schneider Electric
    on April 2, 2025 at 5:00 am

    A CVSS score 7.2 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26639: Linux
    on April 2, 2025 at 5:00 am

    A CVSS score 2.8 AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L severity vulnerability discovered by ‘ReDress’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26273: Schneider Electric
    on April 2, 2025 at 5:00 am

    A CVSS score 4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26610: Avast
    on April 2, 2025 at 5:00 am

    A CVSS score 8.8 AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by ‘Baris Akkaya’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26763: PDF-XChange
    on April 2, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Rocco Calvi (@TecR0c) with TecSecurity’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26621: Linux
    on April 2, 2025 at 5:00 am

    A CVSS score 2.8 AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L severity vulnerability discovered by ‘ReDress’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26526: Microsoft
    on April 2, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Nelson William Gamazo Sanchez and Nitesh Surana of Trend Micro Security Research’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26464: Schneider Electric
    on April 2, 2025 at 5:00 am

    A CVSS score 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26826: Apple
    on April 2, 2025 at 5:00 am

    A CVSS score 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26852: Autodesk
    on April 2, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Mat Powell of Trend Micro Zero Day Initiative’ was reported to the affected vendor on: 2025-04-02, 1 days ago. The vendor is given until 2025-07-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26474: Gen Digital
    on March 30, 2025 at 5:00 am

    A CVSS score 7.3 AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Zeze with TeamT5’ was reported to the affected vendor on: 2025-03-30, 4 days ago. The vendor is given until 2025-07-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26619: TeamViewer
    on March 30, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Peter Gabaldon (https://x.com/PedroGabaldon)’ was reported to the affected vendor on: 2025-03-30, 4 days ago. The vendor is given until 2025-07-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26645: AnyDesk
    on March 30, 2025 at 5:00 am

    A CVSS score 4.7 AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H severity vulnerability discovered by ‘Giuliano Sanfins from SiDi (0x_alibabas)’ was reported to the affected vendor on: 2025-03-30, 4 days ago. The vendor is given until 2025-07-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26282: Trend Micro
    on March 30, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Lays (@_L4ys) of TRAPA Security’ was reported to the affected vendor on: 2025-03-30, 4 days ago. The vendor is given until 2025-07-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26660: TeamViewer
    on March 30, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Giuliano Sanfins(0x_alibabas) from SiDi’ was reported to the affected vendor on: 2025-03-30, 4 days ago. The vendor is given until 2025-07-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26374: Razer
    on March 30, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘0x_alibabas (x.com/0x_alibabas)’ was reported to the affected vendor on: 2025-03-30, 4 days ago. The vendor is given until 2025-07-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26375: Razer
    on March 30, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘0x_alibabas (x.com/0x_alibabas)’ was reported to the affected vendor on: 2025-03-30, 4 days ago. The vendor is given until 2025-07-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26373: Razer
    on March 30, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘0x_alibabas (x.com/0x_alibabas)’ was reported to the affected vendor on: 2025-03-30, 4 days ago. The vendor is given until 2025-07-28 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26484: Trend Micro
    on March 28, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Zeze with TeamT5’ was reported to the affected vendor on: 2025-03-28, 6 days ago. The vendor is given until 2025-07-26 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26802: Foxit
    on March 28, 2025 at 5:00 am

    A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by ‘Mat Powell of Trend Micro Zero Day Initiative’ was reported to the affected vendor on: 2025-03-28, 6 days ago. The vendor is given until 2025-07-26 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26734: PDF-XChange
    on March 28, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘Anonymous’ was reported to the affected vendor on: 2025-03-28, 6 days ago. The vendor is given until 2025-07-26 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26503: Fuji Electric
    on March 28, 2025 at 5:00 am

    A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by ‘kimiya’ was reported to the affected vendor on: 2025-03-28, 6 days ago. The vendor is given until 2025-07-26 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26715: Wolters Kluwer
    on March 27, 2025 at 5:00 am

    A CVSS score 10.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by ‘Nitesh Surana (niteshsurana.com) of Trend Micro Research’ was reported to the affected vendor on: 2025-03-27, 7 days ago. The vendor is given until 2025-07-25 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-25807: Samsung
    on March 25, 2025 at 5:00 am

    A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ’06fe5fd2bc53027c4a3b7e395af0b850e7b8a044′ was reported to the affected vendor on: 2025-03-25, 9 days ago. The vendor is given until 2025-07-23 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-25978: Samsung
    on March 25, 2025 at 5:00 am

    A CVSS score 9.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N severity vulnerability discovered by ’06fe5fd2bc53027c4a3b7e395af0b850e7b8a044′ was reported to the affected vendor on: 2025-03-25, 9 days ago. The vendor is given until 2025-07-23 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-26505: Linux
    on March 25, 2025 at 5:00 am

    A CVSS score 6.8 AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H severity vulnerability discovered by ‘Viacheslav Moskvin’ was reported to the affected vendor on: 2025-03-25, 9 days ago. The vendor is given until 2025-07-23 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-25809: Samsung
    on March 25, 2025 at 5:00 am

    A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by ’06fe5fd2bc53027c4a3b7e395af0b850e7b8a044′ was reported to the affected vendor on: 2025-03-25, 9 days ago. The vendor is given until 2025-07-23 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Share Websitecyber

Related Posts:

We are an ethical website cyber security team and we perform security assessments to protect our clients.