Summary: A critical vulnerability, CVE-2025-30406, affecting Gladinet CentreStack and Triofox software, allows for remote code execution due to a hard-coded cryptographic key. Exploitation has already compromised seven organizations, and the flaw was first exploited in March 2025. Users are urged to update to the latest versions to mitigate risks.
Affected: Gladinet CentreStack and Triofox
Keypoints :
- CVE-2025-30406 has a CVSS score of 9.0, highlighting its severity.
- The vulnerability affects versions of Triofox up to 16.4.10317.56372.
- Seven organizations have reported being impacted since the exploitation began.
- Attackers exploited the flaw using encoded PowerShell scripts for DLL sideloading and lateral movement.
- Users are strongly recommended to update to CentreStack version 16.4.10315.56368 or later to prevent attacks.
Source: https://thehackernews.com/2025/04/gladinets-triofox-and-centrestack-under.html