Podcast Detail

SANS Stormcast Monday, October 13th, 2025: More Oracle Patches; Sonicwall Compromisses; Unpatched Gladinet; 7-Zip Patches

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9652.mp3

previous
Podcast Logo
More Oracle Patches; Sonicwall Compromisses; Unpatched Gladinet; 7-Zip Patches
00:00

New Oracle E-Business Suite Patches
Oracle released one more patch for the e-business suite. Oracle does not state if it is already exploited, but the timing of the patch suggests that it should be expedited.
https://www.oracle.com/security-alerts/alert-cve-2025-61884.html

Widespread Sonicwall SSLVPN Compromise
Huntress Labs observed the widespread compromise of the Sonicwall SSLVPN appliance.
https://www.huntress.com/blog/sonicwall-sslvpn-compromise

Active Exploitation of Gladinet CentreStack and Triofox Local File Inclusion Flaw (CVE-2025-11371)
An unpatched vulnerability in the “secure” file sharing solutions Gladinet CentreStack and TrioFox is being exploited.
https://www.huntress.com/blog/gladinet-centrestack-triofox-local-file-inclusion-flaw

Two 7-Zip Vulnerabilities CVE-2025-11002, CVE-2025-11001
7-Zip patched two vulnerabilities that may lead to arbitrary code execution
https://www.zerodayinitiative.com/advisories/ZDI-25-949/
https://www.zerodayinitiative.com/advisories/ZDI-25-950/


no transcript found