CVE-2025-53770: SharePoint のゼロデイ脆弱性の悪用に関するよくある質問
Successful exploitation of CVE-2025-53770 could expose MachineKey configuration details from a vulnerable SharePoint Server, ultimately enabling unauthenticated remote code execution....
CVE-2025-54309: CrushFTP のゼロデイ脆弱性の悪用が確認される
A critical zero-day flaw in CrushFTP that can grant attackers administrator access was discovered on July 18 and is under active exploitation....
オラクル、2025 年 7 月のクリティカルパッチアップデートで 165 件の脆弱性を修正
Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates....
Microsoft の 2025 年 7 月月例セキュリティ更新プログラム、128 件の CVE を修正 (CVE-2025-49719)
Microsoft addresses 128 CVEs, including one zero-day vulnerability that was publicly disclosed....
CVE-2025-5777, CVE-2025-6543: CitrixBleed 2 および Citrix NetScaler の脆弱性に関するよくある質問
Frequently asked questions about recent Citrix NetScaler ADC and Gateway vulnerabilities that have reportedly been exploited in the wild, including CVE-2025-5777 known as CitrixBleed 2....
イランのサイバー作戦に関するよくある質問
Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors....
Microsoft の 2025 年 6 月月例セキュリティ更新プログラム、65 件の CVE を修正 (CVE-2025-33053)
Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild....
BadSuccessor に関するよくある質問
Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller....
CVE-2025-32756: Fortinet の複数製品におけるゼロデイ脆弱性の悪用が確認される
Fortinet has observed threat actors exploiting CVE-2025-32756, a critical zero-day arbitrary code execution vulnerability which affects multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera....
CVE-2025-4427、CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) におけるリモートコード実行の脆弱性
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
マイクロソフトの 2025 年 5 月月例セキュリティ更新プログラム: 71 件の CVE を修正 (CVE-2025-32701、CVE-2025-32706、CVE-2025-30400)
Microsoft addresses 71 CVEs including seven zero-days, five of which were exploited in the wild....
修復時間の短縮にTenable Vulnerability Watch の活用が効果的
脆弱性へのタイムリーな対応は、依然として多くの組織にとって大きな課題です。運用に対して最も大きなリスクとなるエクスポージャーの優先順位付けに苦慮しているのが実情です。既存のスコアリングシステムは非常に有用ではあるものの、文脈 (コンテキスト) が欠けている場合があります。Tenableの脆弱性監視分類システムが...