{"vulnerability": "CVE-2025-1732", "sightings": [{"uuid": "6adcdc4e-0067-4aa9-949d-913f638d0e51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lniodnr2gz2z", "content": "", "creation_timestamp": "2025-04-23T17:03:09.723027Z"}, {"uuid": "7f7c43a5-54db-4e81-8e61-f14954484459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-8e663f79-45a3417748370530", "content": "", "creation_timestamp": "2025-04-22T06:11:45.883349Z"}, {"uuid": "56f8837e-fc72-4dac-950e-820b1226f8ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnf4gm6mo32b", "content": "", "creation_timestamp": "2025-04-22T07:04:41.667865Z"}, {"uuid": "d746bc42-e472-49bd-977c-a598c93e9cd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lnji2e7ugn2g", "content": "", "creation_timestamp": "2025-04-24T00:43:13.818932Z"}, {"uuid": "1b2d2bf2-545e-47c7-b1ff-5237a7d6b4f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3lnjjjgyifn2u", "content": "", "creation_timestamp": "2025-04-24T01:09:33.278996Z"}, {"uuid": "a7b3295f-1760-4136-b0e8-d401144a3e87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lnkcsbiupb2j", "content": "", "creation_timestamp": "2025-04-24T08:41:53.247924Z"}, {"uuid": "1213116b-103c-44ab-8096-a883b2acca2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-5744fe79-a6c56f6f2dd16a71", "content": "", "creation_timestamp": "2025-10-21T06:59:37.471476Z"}, {"uuid": "2c0df224-3d79-4eea-91c0-11286da83207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12790", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1732\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An improper privilege management vulnerability in the recovery function of the USG FLEX H series uOS firmware version V1.31 and earlier could allow an authenticated local attacker with administrator privileges to upload a crafted configuration file and escalate privileges on a vulnerable device.\n\ud83d\udccf Published: 2025-04-22T01:57:35.395Z\n\ud83d\udccf Modified: 2025-04-22T01:57:35.395Z\n\ud83d\udd17 References:\n1. https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-incorrect-permission-assignment-and-improper-privilege-management-vulnerabilities-in-usg-flex-h-series-firewalls-04-22-2025", "creation_timestamp": "2025-04-22T03:02:52.000000Z"}, {"uuid": "3b843b31-a392-4616-b35f-633b8827e216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "seen", "source": "https://t.me/cvedetector/23479", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1732 - \"Fortinet USG FLEX H Series Privilege Escalation Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-1732 \nPublished : April 22, 2025, 3:15 a.m. | 35\u00a0minutes ago \nDescription : An improper privilege management vulnerability in the recovery function of the USG FLEX H series uOS firmware version V1.31 and earlier could allow an authenticated local attacker with administrator privileges to upload a crafted configuration file and escalate privileges on a vulnerable device. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-22T05:51:43.000000Z"}, {"uuid": "24dd1b47-05e3-42e9-982f-d0b0b0034be8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1732", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/463", "content": "Top Security News for Today\n\nLocal privilege escalation on Zyxel USG FLEX H Series (CVE-2025-1731)  \nhttps://www.reddit.com/r/netsec/comments/1k5roqe/local_privilege_escalation_on_zyxel_usg_flex_h/\n\nRegulating AI Behavior with a Hypervisor  \nhttps://www.schneier.com/blog/archives/2025/04/regulating-ai-behavior-with-a-hypervisor.html\n\nUnderstanding the threat landscape for Kubernetes and containerized assets  \nhttps://www.microsoft.com/en-us/security/blog/2025/04/23/understanding-the-threat-landscape-for-kubernetes-and-containerized-assets/\n\nXRP Supplychain attack: Official NPM package infected with crypto stealing backdoor  \nhttps://www.reddit.com/r/netsec/comments/1k54dna/xrp_supplychain_attack_official_npm_package/\n\nDOGE Worker\u2019s Code Supports NLRB Whistleblower  \nhttps://krebsonsecurity.com/2025/04/doge-workers-code-supports-nlrb-whistleblower/\n\nAuthenticated Remote Code Execution on USG FLEX H Series (CVE-2025-1731 / CVE-2025-1732)  \nhttps://www.reddit.com/r/netsec/comments/1k6f52p/authenticated_remote_code_execution_on_usg_flex_h/\n\nOperation SyncHole: Lazarus APT goes back to the well  \nhttps://securelist.com/operation-synchole-watering-hole-attacks-by-lazarus/116326/\n\nScams 2.0: How Technology Is Powering the Next Generation of Fraud  \nhttps://www.tripwire.com/state-of-security/scams-how-technology-powering-next-generation-fraud\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-04-24T09:30:30.000000Z"}]}