serisec

Category: Dos attack

  • SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations

    SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations A medium-severity vulnerability in the Iconics Suite SCADA system that could allow attackers to trigger denial-of-service conditions on critical industrial control systems. The flaw, tracked as CVE-2025-0921, affects supervisory control and data acquisition infrastructure widely deployed across automotive, energy, and manufacturing sectors. Vulnerability Overview CVE-2025-0921 stems from…

  • Multiple Vulnerabilities in React Server Components Enable DoS Attacks

    Multiple Vulnerabilities in React Server Components Enable DoS Attacks Multiple critical security vulnerabilities have recently been disclosed in React Server Components, enabling threat actors to launch Denial-of-Service (DoS) attacks against vulnerable servers. The flaws, tracked as CVE-2026-23864 with a CVSS score of 7.5, are due to incomplete patches from previous security fixes and require immediate…

  • Next.js Cache Poisoning Vulnerability Let Attackers Trigger DoS Condition

    Next.js Cache Poisoning Vulnerability Let Attackers Trigger DoS Condition Key Takeaways1. Next.js versions 15.1.0-15.1.8 have a cache poisoning bug causing DoS attacks through blank page delivery.2. Needs affected Next.js version + ISR with cache revalidation + SSR with CDN caching 204 responses.3. Race condition allows HTTP 204 responses to be cached for static pages, serving…

  • Realtek Vulnerability Let Attackers Trigger DoS Attack via Bluetooth Secure Connections Pairing Process

    Realtek Vulnerability Let Attackers Trigger DoS Attack via Bluetooth Secure Connections Pairing Process A significant security vulnerability has been identified in Realtek’s RTL8762E SDK v1.4.0 that allows attackers to exploit the Bluetooth Low Energy (BLE) Secure Connections pairing process to launch denial-of-service attacks.  The vulnerability, discovered in the RTL8762EKF-EVB development platform, stems from improper validation…

  • Cisco AnyConnect VPN Server Vulnerability Let Attackers Trigger DoS Attack

    Cisco AnyConnect VPN Server Vulnerability Let Attackers Trigger DoS Attack A critical security vulnerability affecting Cisco Meraki MX and Z Series devices could allow unauthenticated attackers to launch denial of service (DoS) attacks against AnyConnect VPN services.  The vulnerability, tracked as CVE-2025-20271 with a CVSS score of 8.6, was published on June 18, 2025, and…

  • Apache Traffic Server Vulnerability Let Attackers Trigger DoS Attack via Memory Exhaustion

    Apache Traffic Server Vulnerability Let Attackers Trigger DoS Attack via Memory Exhaustion A critical security vulnerability has been discovered in Apache Traffic Server that allows remote attackers to trigger denial-of-service (DoS) attacks through memory exhaustion.  The vulnerability, tracked as CVE-2025-49763, affects the Edge Side Includes (ESI) plugin and poses significant risks to organizations running affected…