Rule Update
25-041 (October 7, 2025)
Overview
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1012456 - Microsoft Windows SMB Client Remote Code Execution Vulnerability (CVE-2025-54101)
Flowise
1012458 - Flowise Code Injection Vulnerability (CVE-2025-59528)
Oracle E-Business Suite Web Interface
1012464 - Oracle E-Business Suite CRLF Injection Vulnerability (CVE-2025-61882)
Remote Desktop Server Websocket
1012325* - Microsoft Windows Remote Desktop Protocol Remote Code Execution Vulnerability (CVE-2024-49116)
SolarWinds Orion Platform
1012316* - SolarWinds Orion Platform Server-Side Request Forgery Vulnerability (CVE-2024-52606)
Web Client HTTPS
1012457 - Microsoft Windows File Explorer Spoofing Vulnerability (CVE-2025-50154)
Web Server HTTPS
1012322* - Apache Camel Command Injection Vulnerabilities (CVE-2025-29891 and CVE-2025-27636)
1012319* - Centreon SQL Injection Vulnerability (CVE-2024-55573)
1012462 - PivotX CMS Stored Cross-Site Scripting Vulnerability (CVE-2025-52367)
Windows SMB Client
1012459 - Restrict PDF Documents With Embedded Executable Files Over SMB
Integrity Monitoring Rules:
1011152* - Microsoft Windows - Active directory files modified (ATT&CK T1552.006)
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.