Types of Cyberattack, Specific Risks and How to Mitigate those Risks
Please note that the list of cyberattack types is distributed by the Canadian Centre for Cyber Security and the means to mitigate is provided by third parties. This information is not meant to be exhaustive and Skyway West is not responsible for omissions or mistakes.
What is the FreePBX Vulnerability (CVE-2025-57819), what is the risk and how can you mitigate that risk?
What is it? FreePBX is an open-source web-based graphical user interface. Why is it a risk? FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This is considered a CRITICAL vulnerability. How can you mitigate the risk? Upgrade your FreePBX ...
What is the IceWarp Mail Server Vulnerability (CVE-2025-14500), what is the risk and how can you mitigate that risk?
What is it? IceWarp is a Mail Server that also provides messaging and collaboration services. A vulnerability in the code allows remote attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this vulnerability. Why is it a risk? Allowing unauthenticated users to execute arbitrary code is an obvious risk. The vulnerability has a score of ...
What is the SolarWinds Serv-U vulnerability (CVE-2025-40538), what is the risk and how can you mitigate that risk?
What is it? SolarWinds Serv-U provides Managed File Transfer over HTTP. Versions 15.5.3 and earlier contain a programming error that gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. Why is it a risk? Allowing users to create accounts ...
What is the Broadcom VMWare Time-of-Check, Time-of-Use (TOCTOU) Vulnerability (CVE-2025-22224), what is the risk and how can you mitigate that risk?
What is it? Broadcom VMWare is a popular virtualization server software that allows more than one virtual server to run on a single physical server. Different virtual servers may run different operating systems. VMWare (ESXi and Workstation) has a flaw that allows a skilled attacker to take control of the host/physical server. Why is it a risk? An ...
What are the Broadcom VMWare Deleted Admin Group (CVE-2024-37085) and DDoS (CVE-2024-37086, CVE-2024-37087) Vulnerabilities, what is the risk and how can you mitigate that risk?
What is it? Broadcom VMWare is a popular virtualization server software that allows more than one virtual server to run on a single physical server. Different virtual servers may run different operating systems. VMWare (ESXi and vCenter Server) has flaws that allow one user to gain access to all other users by recreating a deleted admin ...
What is the Zimbra Collaboration Suite (ZCS) web mail Vulnerability (CVE-2025-68645), what is the risk and how can you mitigate that risk?
What is it? Zimbra Collaboration Suite (ZCS) includes a web mail client written in PHP. A vulnerability exists in the way that files are loaded remotely. Why is it a risk? An attacker can read files on your server or inject PHP logic into mail processing. The Red Hot Cyber link below provides more details. This is considered a ...
What is the Simple Service Discovery Protocol (SSDP) Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Simple Service Discovery Protocol (SSDP) is used to discover what devices (and their capabilities) are available in a local area network. It is the basis of Universal Plug and Play (UPnP) devices like printers and scanners, but it also helps locate network resources. SSDP uses port 1900. Attackers can exploit SSDP ...
What is the MeshCentral Command and Control (C&C, or C2) Vulnerability, what is the risk and how can you mitigate that risk?
What is it? MeshCentral is an open-source remote administration tool that provides remote control, hardware and software inventory, system monitoring, and background management including remote terminal and file management. While extremely useful, these remote control features have attracted a number of attackers. Collectively, these threats are known as Command and Control (C&C or C2) attacks. Why is it a ...
What is the Broadcom VMWare Memory Management Vulnerability (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239), what is the risk and how can you mitigate that risk?
What is it? Broadcom VMWare is a popular virtualization server software that allows more than one virtual server to run on a single physical server. Different virtual servers may run different operating systems. Several versions of VMWare (ESXi, Workstation, Fusion and Tools) have various memory management problems. Specifically: Integer Overflow (41236), Integer Underflow (41237), Heap ...
What is the ConnectWise ScreenConnect Vulnerability (CVE-2025-14265), what is the risk and how can you mitigate that risk?
What is it? ConnectWise ScreenConnect provides remote support (remote control) to help you support your staff. Remote Control software is naturally an attractive target for cyber attackers. ConnectWise ScreenConnect 25.7 and prior are affected by a bug in the server-side validation and integrity checking system. This bug allows the installation of untrusted or arbitrary extensions. Why is it ...
What is the CentreStack and TrioFox file sharing Vulnerability (CVE-2025-11371), what is the risk and how can you mitigate that risk?
What is it? Gladinet CentreStack and TrioFox are parts of a file sharing service that does not rely on a traditional VPN (Virtual Private Network). There is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. You can learn more about the threat at the Huntress link below. Why is it a risk? By accessing ...
What is the Cisco Secure Firewall Vulnerability (CVE-2025-20333, CVE-2025-20362 and CVE-2025-10363), what is the risk and how can you mitigate that risk?
What is it? Cisco provides VPN firewall software (Cisco Secure Firewall). Three components of this product: Adaptive Security Appliance (ASA), Firewall Management Center (FMC) and Firewall Threat Defence (FTD) contain a vulnerability that could allow an authenticated, remote attacker to execute arbitrary code on an affected server. Why is it a risk? This is a CRITICAL vulnerability. This vulnerability is currently ...
