NVD disclosure day

Published threat advisories for February 10, 2025

CVE advisoryKnown Exploit

CVE-2025-24016

Wazuh Server Remote Code Execution Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Wazuh servers are affected by an unsafe deserialization vulnerability. This could allow an attacker with API access to execute arbitrary code on servers, impacting system integrity and confidentiality. The risk is heightened as this vulnerability is actively exploited. Organizations using vulnerable versions should pri

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2025-24200

Apple iOS and iPadOS Physical Access Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An authorization flaw in Apple's iOS and iPadOS operating systems could allow a physical attacker to bypass USB security on locked devices. This could lead to unauthorized data access or modification on affected devices. Apple has addressed this issue with software updates.

NVD published: • CISA KEV