Podcast Detail

SANS Stormcast Monday, August 18th, 2025: 5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9574.mp3

previous
Podcast Logo
5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln
00:00

SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations
Researchers from the Singapore University of Technology and Design released a new framework, SNI5GECT, to passively sniff and inject traffic into 5G data streams, leading to DoS, downgrade and other attacks.
https://isc.sans.edu/diary/SNI5GECT%3A%20Sniffing%20and%20Injecting%205G%20Traffic%20Without%20Rogue%20Base%20Stations/32202

Plex Vulnerability
Plex patched a vulnerability in the Plex Media Server. Make sure you have updated to at least 1.42.1.
https://forums.plex.tv/t/plex-media-server-security-update/928341

FortiWeb Exploit Public
A security researcher published details about the recent FortiWeb vulnerability, including demonstrating a PoC exploit.
https://www.bleepingcomputer.com/news/security/researcher-to-release-exploit-for-full-auth-bypass-on-fortiweb/

Flowise OS vulnerability
https://research.jfrog.com/vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578/

no transcript found