CVE-2025-5344 – Bluebird Kiosk Remote Service Unauthenticated RCE

July 17, 2025

CVE ID : CVE-2025-5344

Published : July 17, 2025, 1:15 p.m. | 1 hour, 16 minutes ago

Description : Bluebird devices contain a pre-loaded kiosk application. This application exposes an unsecured service provider “com.bluebird.kiosk.launcher.IpartnerKioskRemoteService”. A local attacker can bind to the AIDL-type service to modify device’s global settings and wallpaper image.

This issue affects all versions before 1.1.2.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5345 – Bluebird IsdcardRemoteService Unauthenticated File Manipulation Vulnerability

Next Article CVE-2025-52933 – Apache Struts XML External Entity (XXE) Injection

Highlights

CVE-2025-20286 – “Cisco ISE Cloud Credential Exposure Vulnerability”

June 4, 2025

CVE ID : CVE-2025-20286

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.

This vulnerability exists because credentials are improperly generated when Cisco ISE is being deployed on cloud platforms, resulting in different Cisco ISE deployments sharing the same credentials. These credentials are shared across multiple Cisco ISE deployments as long as the software release and cloud platform are the same. An attacker could exploit this vulnerability by extracting the user credentials from Cisco ISE that is deployed in the cloud and then using them to access Cisco ISE that is deployed in other cloud environments through unsecured ports. A successful exploit could allow the attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.
Note: If the Primary Administration node is deployed in the cloud, then Cisco ISE is affected by this vulnerability. If the Primary Administration node is on-premises, then it is not affected.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Could OpenAI’s rumored browser be a Chrome-killer? Here’s what I’m expecting

My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8

AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

The details of TC39’s last meeting

The details of TC39’s last meeting

Online Examination System using PHP and MySQL

A tricky, educational quiz: it’s about time..

CAD Sketcher – constraint-based geometry sketcher

CAD Sketcher – constraint-based geometry sketcher

7 Best Free and Open Source Linux FTP Servers

Best Free and Open Source Alternatives to Autodesk FBX Review

CVE-2025-5344 – Bluebird Kiosk Remote Service Unauthenticated RCE

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats

CVE-2025-4746 – Campcodes Sales and Inventory System SQL Injection Vulnerability

Critical Linux Vulnerabilities Expose Password Hashes on Millions of Linux Systems Worldwide

Google komt met Android-updates voor aangevallen FreeType-lek

CVE-2025-20286 – “Cisco ISE Cloud Credential Exposure Vulnerability”

Microsoft ha risolto il bug che impediva il dual boot tra Windows 11 e le distribuzioni GNU/Linux

CVE-2025-5985 – Code-projects School Fees Payment System Remote Authentication Bypass Vulnerability

Kioxia Exceria Plus G2 Portable SSD 2TB Review

CVE-2025-5344 – Bluebird Kiosk Remote Service Unauthenticated RCE

Related Posts