The following updates were made to the Attack Surface Management Discovery Engine after May 19, 2025 ASM Discovery Engine Release:
Vulnerability Checks
- Added Cisco Identity Services Engine Unauthenticated RCE (CVE-2025-20281)
- Added Cisco IOS XE - Authentication Bypass (CVE-2025-20188)
- Added Citrix NetScaler ADC and Gateway Out-of-bounds Read (CVE-2025-5777)
- Added Craft CMS - Remote Code Execution (CVE-2025-32432)
- Added Fortinet FortiWeb Fabric Connector SQL Injection to RCE (CVE-2025-47812)
- Added Ivanti Endpoint Manager Mobile - Remote Code Execution (CVE-2025-4427/4428)
- Added Langflow AI - Remote Code Execution (CVE-2025-3248)
- Added Microsoft SharePoint Server Remote Code Execution (CVE-2025-53770)
- Added Palo Alto PAN-OS - Authentication Bypass (CVE-2025-0108)
- Added ThinkPHP 5.0.23 - Remote Code Execution (CVE-2018-20062)
- Added Wing FTP Server Unauthenticated RCE (CVE-2025-25257)
Technology Fingerprints
- Enhanced Cisco IOS XE technology fingerprint
- Enhanced Citrix Gateway technology fingerprint
- Added FlowiseAI Flowise technology fingerprint
- Added Fortinet FortiSIEM technology fingerprint
- Added GGML Llama.cpp technology fingerprint
- Added Hoverfly technology fingerprint