Recently, Palo Alto Networks disclosed CVE‑2025‑0108—a high-severity authentication bypass in the PAN‑OS management web interface. Although the flaw does not enable remote code execution, it compromises the confidentiality and integrity of management functions. In this post, we’ll break down the technical details, discuss the exploitation methodology, illustrate configuration and code examples, and outline effective mitigation strategies.

In the world of cybersecurity, nothing stays still for long. The endless proliferation of new technologies and rapidly shifting threat landscapes forces organizations to continually reevaluate their approach to risk. Over the last two decades, security teams have leaned heavily on vulnerability management (VM) solutions to identify, classify, and patch software vulnerabilities on internal assets.

In Continuous Threat Exposure Management (CTEM), risk assessment acts as the central thread that ties all components together, turning raw threat intelligence, vulnerability detection, and external attack surface monitoring into actionable mitigation strategies.

The External Attack Surface Management (EASM) domain is rapidly growing in importance for businesses across the globe. Organizations must strive to understand the true scope of their attack surface as seen through the eyes of a potential hacker. This is a foundational step in any risk program that CISOs are implementing.

In today’s rapidly evolving threat landscape, traditional reactive security approaches are no longer sufficient. This reality led Gartner to introduce Continuous Threat Exposure Management (CTEM) to shift organizations’ mindset from reactive firefighting to proactive threat management through five critical phases: This structured approach revolutionizes how organizations secure their cloud environments. But to succeed, CTEM demands specialized tools designed for modern cloud complexities.

CVE-2024-52875 is an HTTP Response Splitting vulnerability in Kerio Control. This flaw allows an attacker to inject malicious input into HTTP response headers by introducing carriage return (\r) and line feed (\n) characters. Such manipulation can cause the server to send multiple HTTP responses instead of one, leading to various attacks.

The NuPoint Unified Messaging (NPM) module in Mitel MiCollab versions up to 9.8 SP1 FP2 (9.8.1.201) is vulnerable to a path traversal attack caused by insufficient input validation. This vulnerability could be exploited by an unauthenticated attacker to gain unauthorized access to sensitive files, potentially allowing them to read, alter, or delete user data and critical system settings. The Mitel MiCollab Arbitrary File Read Vulnerability combines CVE-2024-41713 with another yet-to-be-assigned issue.

The field of IT security has never been more complex or demanding. As organizations race to adopt digital technologies and modernize their infrastructures, they inadvertently create chaos that overwhelms security teams. This chaos is driven by three critical vectors: the rapid expansion of the attack surface, continual changes to existing assets, and the relentless emergence of new security threats.

Attack surface analysis is the process of mapping out an organization’s attack surfaces. These consist of the set of attack vectors that an attacker could use to target an organization. Organizations have both external and internal attack surfaces. An external attack surface includes all potential attack vectors that could be used to gain initial access to an organization’s environment from the public Internet.

An attack surface is the sum total of all the various ways that a cyber threat actor could attack an organization. This includes everything from software vulnerabilities, like SQL injection, to lost and stolen devices to social engineering attacks against the organization’s employees or third-party partners. An organization’s overall attack surface can further be divided into its external and internal attack surfaces.