Cyber Security News

Logsign Vulnerability Allows Remote Attackers to Bypass Authentication

A critical security vulnerability has been identified and disclosed in the Logsign Unified SecOps Platform, allowing remote attackers to bypass authentication mechanisms.

The vulnerability tracked as CVE-2025-1044, has been assigned a CVSS score of 9.8, placing it in the “Critical” severity category.

Vulnerability Details

This security flaw resides within Logsign’s Unified SecOps Platform, a tool widely used for security orchestration and automation.

The issue stems from improper implementation of the authentication algorithm in its web service, which listens on TCP port 443 by default. Exploiting this weakness, attackers can bypass authentication without requiring valid credentials.

The flaw has the potential to grant attackers unauthorized access to sensitive data and allow them to perform malicious actions with a high impact on the confidentiality, integrity, and availability of the targeted system.

Notably, no user interaction or special privileges are required to exploit this vulnerability, making it particularly dangerous.

Researchers Abdessamad Lahlali and Smile Thanapattheerakul from Trend Micro’s Zero Day Initiative (ZDI) discovered and reported this vulnerability under ZDI-25-085 (ZDI-CAN-25336). The sequence of events is as follows:

  • 2024-09-26: Vulnerability reported to Logsign.
  • 2025-02-05: Coordinated public release of the advisory.
  • 2025-02-05: Advisory updated with more details.

Logsign has acknowledged the security issue and issued a patch in their Unified SecOps Platform, as detailed in the Version 6.4.32 release notes.

Users and organizations using Logsign are strongly urged to apply this update immediately to mitigate potential exploitation risks. For detailed instructions, refer to the Logsign support page: Version 6.4.32 Release Notes.

Given the critical nature of this flaw, organizations relying on the Logsign Unified SecOps Platform are at high risk if they fail to update their systems.

Exploitation could lead to a full compromise of the platform, exposing sensitive information and allowing attackers to manipulate or disrupt security operations.

  1. Immediately update to the latest version (6.4.32 or later).
  2. Review access logs to identify any suspicious activity.
  3. Enhance network monitoring for signs of unauthorized access.

This incident underscores the importance of timely vulnerability management and patch applications to safeguard critical systems.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Hundreds of Fortune 500 Companies Have Unknowingly Employed North Korean IT Operatives

North Korean nationals have successfully infiltrated the employee ranks of major global corporations at a…

2 hours ago

Stealthy New NodeJS Backdoor Infects Users Through CAPTCHA Verifications

Security researchers have uncovered a sophisticated malware campaign utilizing fake CAPTCHA verification screens to deploy…

2 hours ago

State-Sponsored Hacktivism on the Rise, Transforming the Cyber Threat Landscape

Global cybersecurity landscape is undergoing a significant transformation, as state-sponsored hacktivism gains traction amid ongoing…

2 hours ago

NVIDIA Riva AI Speech Flaw Let Hackers Gain Unauthorized Access to Abuse GPU Resources & API keys

Researchers have uncovered significant security vulnerabilities in NVIDIA Riva, a breakthrough AI speech technology platform…

3 hours ago

Tsunami Malware Surge: Blending Miners and Credential Stealers in Active Attacks

Security researchers have recently discovered a sophisticated malware operation called the "Tsunami-Framework" that combines credential…

3 hours ago

The Double-Edged Sword of AI in Cybersecurity: Threats, Defenses & the Dark Web Insights Report 2025

Check Point Research's latest AI Security Report 2025 reveals a rapidly evolving cybersecurity landscape where…

3 hours ago