433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco Secure Firewall Management Center Software HTML Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by submitting malicious content to an affected device and using the device to generate a document that contains sensitive information. A successful exploit could allow the attacker to alter the standard layout of the device-generated documents, read arbitrary files from the underlying operating system, and conduct server-side request forgery (SSRF) attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Security Analyst (Read Only).

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-html-inj-MqjrZrny

This advisory is part of the August 2025 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.

Security Impact Rating: High
CVE: CVE-2025-20148
http://news.poseidon-us.com/TMTz7t

Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials. For more information about vulnerable scenarios, see the Details section of this advisory.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-ftd-cmdinj-PhE7kmT

This advisory is part of the August 2025 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.

Security Impact Rating: Medium
CVE: CVE-2025-20220
http://news.poseidon-us.com/TMTz7c

Cisco Secure Firewall Management Center Software Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. This vulnerability is due to insufficient input validation of certain HTTP request parameters that are sent to the web-based management interface. An attacker could exploit this vulnerability by authenticating to the interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute commands as the root user on the affected device. To exploit this vulnerability, an attacker would need Administrator-level credentials.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-HCRLpFyN

This advisory is part of the August 2025 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.

Security Impact Rating: Medium
CVE: CVE-2025-20306
http://news.poseidon-us.com/TMTz6P

The DOJ and HHS are teaming up again — and federal contractors in healthcare should take notice

“The new enforcement areas have to do with drug pricing, in particular rebate payments to get access to formularies,” said Andrew Hoffman. The post The DOJ and HHS are teaming up again — and federal contractors in healthcare should take notice first appeared on Federal News Network.
http://news.poseidon-us.com/TMTypj

Transportation Command moving all systems to DoD-approved identity provider by end of year

“We need those granular attributes that right now I don’t know if the DoD is really postured to handle,” Donald “DJ” Cook said. The post Transportation Command moving all systems to DoD-approved identity provider by end of year first appeared on Federal News Network.
http://news.poseidon-us.com/TMTtxx

Brute-force attacks hammer Fortinet devices worldwide

A surge in brute-force attempts targeting Fortinet SSL VPNs that was spotted earlier this month could be a portent of imminent attacks leveraging currently undisclosed (potentially zero-day) vulnerabilities in Fortinet devices. GreyNoise, a cybersecurity intelligence service that collects, analyzes, and labels data about internet-wide scanning activity through its global network of passive sensors, shared on Tuesday that it spotted two waves of attacks: On August 3, 780+ unique IPs triggered the company’s … The post Brute-force attacks hammer Fortinet devices worldwide appeared first on Help Net Security.
http://news.poseidon-us.com/TMTt12

Palo Alto Networks helps organizations accelerate their quantum readiness

Palo Alto Networks announced two new security solutions to help organizations confidently navigate the quantum landscape, and to keep pace with highly dynamic cloud and AI environments. These innovations provide enterprises with the visibility, agility and defenses needed to accelerate their quantum readiness and secure their workloads in a multicloud world. “The quantum threat to encryption is no longer theoretical; it’s an inevitability that demands action now. With these latest innovations that cover the entire … The post Palo Alto Networks helps organizations accelerate their quantum readiness appeared first on Help Net Security.
http://news.poseidon-us.com/TMTpbV

For $40, you can buy stolen police and government email accounts

Active police and government email accounts are being sold on the dark web for as little as $40, giving cybercriminals a direct line into systems and services that rely on institutional trust. According to new research from Abnormal AI, the accounts come from agencies in the United States, United Kingdom, Germany, India, and Brazil, and are being traded on underground forums. Unlike spoofed or dormant addresses, these accounts are functional and still … The post For $40, you can buy stolen police and government email accounts appeared first on Help Net Security.
http://news.poseidon-us.com/TMTpXB

What’s the right number of AI projects? It depends.

Analysts say the roster hinges on the goals, budget and overall readiness of an enterprise, as well as its technology stack and workforce.
http://news.poseidon-us.com/TMTgqk