CVE-2024-11857 – Realtek Bluetooth HCI Adaptor Link Following Privilege Escalation

June 2, 2025

CVE ID : CVE-2024-11857

Published : June 2, 2025, 4:15 a.m. | 3 hours, 6 minutes ago

Description : Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. Local attackers with regular privileges can create a symbolic link with the same name as a specific file, causing the product to delete arbitrary files pointed to by the link. Subsequently, attackers can leverage arbitrary file deletion to privilege escalation.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5427 – Juzaweb CMS Permalinks Page Remote Access Control Bypass Vulnerability

Next Article CVE-2025-5426 – Juzaweb CMS Menu Page Remote Access Control Vulnerability

Highlights

CVE-2025-7027 – ASUS Firmware SMM Privilege Escalation Vulnerability

July 11, 2025

CVE ID : CVE-2025-7027

Published : July 11, 2025, 4:15 p.m. | 4 hours, 50 minutes ago

Description : A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable (SetupXtuBufferAddress), while the write content is read from an attacker-controlled pointer based on the RBX register. This dual-pointer dereference enables arbitrary memory writes within System Management RAM (SMRAM), leading to potential SMM privilege escalation and firmware compromise.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

ChatGPT now has an agent mode

Scrum Alliance and Kanban University partner to offer new course that teaches both methodologies

Is ChatGPT down? You’re not alone. Here’s what OpenAI is saying

I found a tablet that could replace my iPad and Kindle – and it’s worth every penny

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

Execute Ping Commands and Get Back Structured Data in PHP

Execute Ping Commands and Get Back Structured Data in PHP

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

Microsoft confirms active cyberattacks on SharePoint servers

How to Manually Check & Install Windows 11 Updates (Best Guide)

CVE-2024-11857 – Realtek Bluetooth HCI Adaptor Link Following Privilege Escalation

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics

How to Find and Manage Your IP Address: A Step-by-Step Guide

Reminduck – simple reminder app

You’re a business

CVE-2025-41645 – D-Link Device Hijacking Vulnerability

CVE-2025-7027 – ASUS Firmware SMM Privilege Escalation Vulnerability

CVE-2025-5323 – Fossasia Open-Event-Server Encryption Bypass Vulnerability

Accelerate generative AI inference with NVIDIA Dynamo and Amazon EKS

APPLE-SA-04-16-2025-4 visionOS 2.4.1

CVE-2024-11857 – Realtek Bluetooth HCI Adaptor Link Following Privilege Escalation

Related Posts