Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) - watchTowr Labs

Source: https://labs.watchtowr.com/pre-auth-sql-injection-to-rce-fortinet-fortiweb-fabric-connector-cve-2025-25257

The vulnerability identified as CVE-2025-25257 affects the Fortinet FortiWeb Fabric Connector, a component designed to integrate FortiWeb web application firewall capabilities with other security fabric elements. This vulnerability is characterized as a pre-authentication SQL Injection that can escalate to Remote Code Execution (RCE). The pre-authentication nature means that an attacker does not require valid credentials or prior access to exploit the flaw, significantly increasing the attack surface. The SQL Injection vector allows an attacker to manipulate backend database queries by injecting malicious SQL code through unsanitized input fields or API endpoints exposed by the FortiWeb Fabric Connector. Successful exploitation can lead to execution of arbitrary commands on the underlying system, effectively granting the attacker full control over the affected device or server. This can compromise confidentiality, integrity, and availability of the system and potentially the broader network environment. Although the vulnerability is currently rated as medium severity and no known exploits are reported in the wild, the potential for RCE elevates the risk profile. The lack of detailed affected versions and absence of official patches at the time of reporting suggests that organizations using FortiWeb Fabric Connector should urgently assess their exposure and prepare for remediation once patches become available. The technical details stem from a Reddit NetSec post linking to watchTowr Labs, indicating early disclosure and limited public discussion so far.

Reddit NetSec

Detailed information about Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) - watchTowr Labs. Get real-time updates, technica

Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) - watchTowr Labs - Live Threat Intelligence - Threat Radar | OffSeq.com

Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) - watchTowr Labs

Reddit Discussion: Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) - watchTowr Labs

CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote
command execution by a privileged account when the server is accessed via a console and through
exploitation of the hostname input.

CVE Database V5

Detailed information about CVE-2025-50123: CWE-94 Improper Control of Generation of Code ('Code Injection') in Schneider Electric EcoStruxure IT Data Center Exp

CVE-2025-50123: CWE-94 Improper Control of Generation of Code ('Code Injection') in Schneider Electric EcoStruxure IT Data Center Expert - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-50123: CWE-94 Improper Control of Generation of Code ('Code Injection') in Schneider Electric EcoStruxure IT Data Center Expert

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's `token2json()` method. This vulnerability affects versions 4.50.3 and earlier, and is fixed in version 4.52.1. The issue arises from the regex pattern `<s_(.*?)>` which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting document processing tasks using the Donut model.

CVE-2025-3933 is a Regular Expression Denial of Service (ReDoS) vulnerability identified in the Hugging Face Transformers library, specifically within the DonutProcessor class's token2json() method. The vulnerability stems from the use of an inefficient regular expression pattern `<s_(.*?)>`, which is prone to catastrophic backtracking when processing specially crafted input strings. This inefficiency can cause excessive CPU consumption, leading to service degradation or denial of service conditions. The affected versions include 4.50.3 and earlier, with the issue resolved in version 4.52.1. The DonutProcessor is used in document processing tasks leveraging the Donut model, which is designed for document understanding and extraction. Exploiting this vulnerability does not require authentication or user interaction, and can be triggered remotely via network access to the affected API or service. The vulnerability impacts availability by exhausting computational resources, potentially disrupting API services or automated document processing pipelines that rely on the Hugging Face Transformers library. No impact on confidentiality or integrity has been reported. No known exploits are currently observed in the wild, but the medium CVSS score (5.3) reflects the moderate risk posed by this vulnerability due to its ease of exploitation and potential for service disruption.

Detailed information about CVE-2025-3933: CWE-1333 Inefficient Regular Expression Complexity in huggingface huggingface/transformers affecting huggingface huggi

CVE-2025-3933: CWE-1333 Inefficient Regular Expression Complexity in huggingface huggingface/transformers - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-3933: CWE-1333 Inefficient Regular Expression Complexity in huggingface huggingface/transformers

CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the
password generation algorithm is reverse engineered with access to installation or upgrade artifacts.

CVE-2025-50122 is a high-severity vulnerability identified in Schneider Electric's EcoStruxure IT Data Center Expert product, specifically affecting versions 8.3 and prior. The vulnerability is categorized under CWE-331, which pertains to insufficient entropy in cryptographic operations. In this case, the weakness lies in the password generation algorithm used to create root passwords during installation or upgrade processes. Due to insufficient randomness (entropy), an attacker who gains access to installation or upgrade artifacts can reverse engineer the password generation algorithm. This reverse engineering could enable the attacker to predict or discover the root password, thereby gaining unauthorized privileged access to the system. The CVSS 4.0 base score of 8.9 reflects the severity and complexity of the vulnerability, with the vector indicating that the attack requires adjacent network access (AV:A), high attack complexity (AC:H), no privileges required (PR:N), no user interaction (UI:N), and results in high impact on confidentiality, integrity, and availability (VC:H, VI:H, VA:H). The scope is limited (SI:L), and the vulnerability is not easily exploitable remotely but can have significant consequences if exploited. No known exploits are currently reported in the wild, and no patches have been linked yet, indicating that mitigation efforts may still be in progress or pending release by Schneider Electric. This vulnerability is particularly critical because root access compromises the entire system, potentially allowing attackers to manipulate data center operations, disrupt services, or pivot to other network segments.

Detailed information about CVE-2025-50122: CWE-331 Insufficient Entropy in Schneider Electric EcoStruxure IT Data Center Expert affecting Schneider Electric Eco

CVE-2025-50122: CWE-331 Insufficient Entropy in Schneider Electric EcoStruxure IT Data Center Expert - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-50122: CWE-331 Insufficient Entropy in Schneider Electric EcoStruxure IT Data Center Expert

AMD Warns of Transient Scheduler Attacks Affecting Wide Range of Chipsets

Source: https://cybersecuritynews.com/amd-warns-of-transient-scheduler-attacks/

Reddit InfoSec News

Detailed information about AMD Warns of Transient Scheduler Attacks Affecting Wide Range of Chipsets. Get real-time updates, technical details, and mitigation s

AMD Warns of Transient Scheduler Attacks Affecting Wide Range of Chipsets

AMD Warns of Transient Scheduler Attacks Affecting Wide Range of Chipsets

Description

Technical Details

Related Threats

Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) - watchTowr Labs

Two critical credential vulnerabilities have been found in Kaseya's RapidFire Tools Network Detective

McDonald’s AI Hiring Tool McHire Leaked Data of 64 Million Job Seekers

McDonald’s McHire Vulnerability Leaked Data of 64 Million Job Seekers

PerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda cars

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility