Filtered by vendor Bullwall
Subscriptions
Filtered by product Server Intrusion Protection
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62004 | 1 Bullwall | 1 Server Intrusion Protection | 2026-01-12 | 6.2 Medium |
| BullWall Server Intrusion Protection services are initialized after login services. An authenticated attacker with administrative permissions can log in after boot and bypass MFA. SIP service does not retroactively enforce the challenge or disconnect unauthenticated sessions. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected. | ||||
| CVE-2025-62003 | 1 Bullwall | 1 Server Intrusion Protection | 2026-01-12 | 6.2 Medium |
| BullWall Server Intrusion Protection has a noticeable delay before the MFA check when connecting via RDP. A remote authenticated attacker with administrative privileges can potentially bypass detection during this window. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected. | ||||
Page 1 of 1.