CVE-2025-45006 – RISC-V Processor Mstatus.SUM Bit Retention Privilege Escalation Vulnerability

July 2, 2025

CVE ID : CVE-2025-45006

Published : July 1, 2025, 8:15 p.m. | 18 hours, 46 minutes ago

Description : Improper mstatus.SUM bit retention (non-zero) in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-35164 – Apache Guacamole SSH Console Code Execution Vulnerability

Next Article CISA Warns of TeleMessage TM SGNL Vulnerabilities Exploited in Attacks

Highlights

CVE-2013-10060 – Netgear Router OS Command Injection Vulnerability

August 1, 2025

CVE ID : CVE-2013-10060

Published : Aug. 1, 2025, 9:15 p.m. | 2 hours, 19 minutes ago

Description : An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Psychology Of Color In UX Design And Digital Products

This week in AI dev tools: Claude Sonnet 4’s larger context window, ChatGPT updates, and more (August 15, 2025)

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

Your smart home device just got a performance and security boost for free

Ultrahuman brings advanced cycle and ovulation tracking to its smart ring

DistroWatch Weekly, Issue 1135

14 secret phone codes that unlock hidden features on your Android and iPhone

Air Quality Prediction System using Python ML

Air Quality Prediction System using Python ML

AI’s Hidden Thirst: The Water Behind Tech

Minesweeper game in 100 lines of pure JavaScript – easy tutorial

DistroWatch Weekly, Issue 1135

DistroWatch Weekly, Issue 1135

Ubuntu’s New “Dangerous” Daily Builds – What Are They?

gofmt – formats Go programs

CVE-2025-45006 – RISC-V Processor Mstatus.SUM Bit Retention Privilege Escalation Vulnerability

CVE-2025-9090 – Tenda Telnet Service Command Injection

CVE-2025-9091 – Tenda AC20 Hard-Coded Credentials Vulnerability

Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248

Windows 11’s Start menu is getting a big redesign, lets you turn off Recommended feed

BCPS Cyberattack Confirmed: Employee and Student Data Potentially Compromised

CVE-2025-49223 – Billboard.js Prototype Pollution Vulnerability

CVE-2013-10060 – Netgear Router OS Command Injection Vulnerability

Distribuzioni GNU/Linux: 5 tra le più insolite e originali!

MuseAmp is an audio normalizer for MP3/FLAC

Shaping The Future of Connected Product Innovation

CVE-2025-45006 – RISC-V Processor Mstatus.SUM Bit Retention Privilege Escalation Vulnerability

Related Posts