CERT Polska has received a report about 11 vulnerabilities found in Internet Starter module of SoftCOM iKSORIS software.

Another year of CERT Polska’s activities is behind us. An absolutely record-breaking year, if we take into account practically all the statistics cited in our previous reports. Behind these numbers is the daily work of experts who care for the safety of Poles online every day. This year’s report is about this work, the key challenges we face and the threats we analyse.

CERT Polska has received a report about 2 vulnerabilities (CVE-2024-11504 and CVE-2024-7407) found in Streamsoft Prestiż software.

Incorrect Privilege Assignment vulnerability (CVE-2025-2098) has been found in Fast CAD Reader (Beijing Honghu Yuntu Technology) application.

Incorrect Authorization vulnerability (CVE-2025-1542) has been found in Infonet Projekt SA OXARI ServiceDesk software.

CERT Polska has received a report about 2 vulnerabilities (CVE-2024-8773 and CVE-2024-8774) found in SIMPLE.ERP software.

Improper Neutralization of Value Delimiters vulnerability (CVE-2025-1774) has been found in NASK - PIB BotSense software.

Command Injection vulnerability (CVE-2025-1497) has been found in MLJAR PlotAI software.

CERT Polska has received a report about 3 vulnerabilities (from CVE-2024-13892 to CVE-2024-13894) found in Smartwares cameras.

CERT Polska has received a report about 5 vulnerabilities (from CVE-2025-22270 to CVE-2025-22274) found in CyberArk Endpoint Privilege Manager software.