01/22/2025-01/29/2025 Critical Vulnerability in Meta’s Llama Framework, Old jQuery Vulnerability, High-Severity SQL Injection Flaw in VMware Avi Load Balancer And More.

1. Critical Vulnerability in Meta’s Llama Framework Exposes AI Systems to Remote Attacks

A critical security flaw, CVE-2024-50050, has been discovered in Meta’s Llama Stack, an open-source framework for generative AI. The vulnerability, caused by unsafe deserialization via Python’s pickle module, allows remote attackers to execute arbitrary code on affected servers. The flaw exists in the recv_pyobj method from pyzmq, which deserializes untrusted data. Attackers can exploit this by sending malicious payloads over exposed ZeroMQ sockets, leading to remote code execution (RCE). While Meta initially rated the severity as 6.3 (medium), security firms like Snyk assigned it a 9.3 (critical) under CVSS v4.0 due to risks of data breaches and system takeover.

Following responsible disclosure on September 29, 2024, Meta patched the issue in version 0.0.41, replacing pickle with a secure JSON-based implementation. Users should upgrade immediately to mitigate risks. This flaw highlights broader security concerns in AI frameworks and the need for stronger safeguards in open-source dependencies.

2. CISA Warns of Old jQuery Vulnerability Linked to Chinese APT

CISA has added an old jQuery vulnerability (CVE-2020-11023) to its KEV catalog.
Disclosed in April 2020, this medium-severity XSS flaw can lead to arbitrary code execution. Major organizations like Linux distributions, F5, IBM, and Atlassian previously warned users about its impact.

It’s unclear why CISA added it now, as no recent exploitation reports have surfaced. However, past reports indicate that Chinese state-sponsored APT1 exploited the flaw, with Tenable confirming its use in 2021 for system compromises.

CISA hasn’t clarified if newer attacks prompted this move or if it’s based on older threats. Federal agencies must assess their exposure and take action by February 13.

3. Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits

A security review of Palo Alto Networks firewalls uncovered multiple firmware vulnerabilities and misconfigurations, exposing devices to potential attacks.
Security firm Eclypsium analyzed three models—PA-3260, PA-1410, and PA-415—identifying well-known flaws, collectively named PANdora’s Box.

These include:

• CVE-2020-10713 (BootHole) – Secure Boot bypass
• Multiple SMM vulnerabilities (PA-3260) – Privilege escalation
• LogoFAIL (PA-3260) – Secure Boot bypass via image parsing flaws
• PixieFail (PA-1410, PA-415) – UEFI network stack vulnerabilities
• Insecure flash access (PA-415) – UEFI modification risk
• CVE-2023-1017 (PA-415) – TPM 2.0 out-of-bounds write
• Intel BootGuard bypass (PA-1410)

Palo Alto Networks stated these flaws cannot be exploited under normal conditions with updated PAN-OS and secured interfaces but is working on mitigations. Organizations should update firmware and follow best practices to secure their networks.

4. Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer

Broadcom has warned of a high-severity flaw (CVE-2025-22217, CVSS 8.6) in VMware Avi Load Balancer, allowing attackers to gain unauthenticated database access via blind SQL injection.

Attackers with network access can exploit this by sending crafted SQL queries. The flaw, discovered by Daniel Kukuczka and Mateusz Darda, affects:

• 30.1.1, 30.1.2 (Fixed in 30.1.2-2p2)
• 30.2.1 (Fixed in 30.2.1-2p5)
• 30.2.2 (Fixed in 30.2.2-2p2)

Versions 22.x and 21.x are not affected. Users on 30.1.1 must upgrade to 30.1.2+ before patching.

There are no workarounds, making immediate updates essential for security.

5. Hackers Actively Exploiting Zyxel 0-day Vulnerability to Execute Arbitrary Commands

A zero-day vulnerability (CVE-2024-40891) in Zyxel CPE devices is being actively exploited, allowing attackers to execute arbitrary commands without authentication. This flaw poses serious risks, including system compromise, data theft, and network infiltration.

Security scans have identified over 1,500 infected devices, with no official fix available. The flaw, a command injection issue in telnet service accounts (e. g., “supervisor,” “zyuser”), enables attackers to send crafted telnet requests to gain control.

Researchers at GreyNoise and VulnCheck confirmed active exploitation, but Zyxel has not yet released a patch.

Mitigation Steps:

• Monitor network traffic for suspicious telnet activity.
• Restrict access to admin interfaces from trusted IPs.
• Disable remote management to reduce attack surfaces.
• Check for Zyxel security updates and apply patches when available.

Organizations using Zyxel CPE devices must act immediately to mitigate threats while awaiting an official fix.

6. GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs

Several security vulnerabilities, collectively named Clone2Leak, have been found in GitHub Desktop and related Git projects, potentially exposing users’ Git credentials.

Key Vulnerabilities:

• CVE-2025-23040 (6.6 CVSS) – Crafted URLs can leak credentials in GitHub Desktop.
• CVE-2024-50338 (7.4 CVSS) – Carriage return character smuggling in Git Credential Manager.
• CVE-2024-53263 (8.5 CVSS) – Git LFS leaks credentials via HTTP URL injection.
• CVE-2024-53858 (6.5 CVSS) – GitHub CLI leaks authentication tokens to unauthorized hosts.

Exploitation could allow attackers to access privileged Git resources. Git has patched CVE-2024-52006 and CVE-2024-50349 in v2.48.1.

Mitigation Steps:

• Update Git, GitHub Desktop, and Git LFS to the latest versions.
• Avoid cloning untrusted repositories with --recurse-submodules.
• Disable credential helpers and use public repositories when possible.