ICTBroadcast Security Update Advisory (CVE-2025-2611)

Dec 02 2025

Overview

We have released a security update to address a vulnerability in ICTBroadcast. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-2611

ICTBroadcast Version: 7.4 and earlier

Resolved Vulnerabilities

Memory corruption vulnerability in Firefox (CVE-2025-49709)
Integer overflow vulnerability in the handling of HashTables used by the JavaScript engine in Firefox (CVE-2025-49710)

Vulnerability Patches

CVE-2025-2611

no current patch version information

References

[1] Add ICTBroadcast Unauthenticated Remote Code Execution (CVE-2025-2611)
https://github.com/rapid7/metasploit-framework/pull/20446
[2] ICTBroadcast <= 7.4 Unauthenticated Session Cookie RCE
https://www.vulncheck.com/advisories/ictbroadcast-unauthenticated-session-cookie-rce

ICTBroadcast Security Update Advisory (CVE-2025-2611)

SolarWinds Product Security Update Advisory

Advisory for a security update to the astral-tokio-tar library (CVE-2025-62518)

Tags:

SolarWinds Product Security Update Advisory

Advisory for a security update to the astral-tokio-tar library (CVE-2025-62518)