Rapid responses

runZero’s Rapid Response program provides immediate detection and notification of emerging threats. Each Rapid Response includes a query to find matching assets, a trigger to analyze all inventories for exposure, and a corresponding blog post with the details of the issue. This program focuses on helping customers mitigate exposures before compromise.

Vulnerabilities covered by the Rapid Response program are replaced by more specific coverage as mitigations become available.

Latest Rapid Responses

DateNameTypeSeverityQueryUS SaaS LinkEU SaaS Link
11/10/2025Rapid Response: Monsta FTP RCE (CVE-2025-34299)servicesInfo_asset.protocol:http AND protocol:http AND favicon.ico.image.mmh3:="1535999103"LinkLink
11/06/2025Rapid Response: CWP (Control Web Panel) OS Command Injection (CVE-2025-48703)softwareInfovendor:="CentOS WebPanel" product:="CentOS Web Panel"LinkLink
11/03/2025Rapid Response: Veeam Backup & Replication RCE Multiple Vulnerabilities (2025-10)softwareCriticalvendor:=Veeam AND product:="Veeam Backup & Replication" AND (version:>0 AND version:>=12 AND version:<12.3.2.4165)LinkLink
10/31/2025Rapid Response: DNN Multiple Vulnerabilities (2025-10)servicesInfo_asset.protocol:http AND protocol:http AND http.head.setCookie:="%dnn_%Mobile%"LinkLink
10/24/2025Rapid Response: PowerDNS Recursor Multiple Vulnerabilities (2025-10)softwareHighvendor:=PowerDNS AND product:=Recursor AND (version:>0 AND ( (version:>=5.1 AND version:<5.1.8) OR (version:>=5.2 AND version:<5.2.6) OR (version:>=5.3 AND version:<5.3.1)))LinkLink
10/24/2025Rapid Response: Microsoft Windows Server Update Services (WSUS) RCE (CVE-2025-59287)assetsInfoproduct:"Microsoft Windows Server Update Services"LinkLink
10/23/2025Rapid Response: ISC BIND Multiple Vulnerabilities (2025-10)softwareHighvendor:=ISC AND product:=BIND AND (version:>0 AND ( (version:>=9 AND version:<9.11.0) OR (version:>=9.11.0 AND version:<=9.16.50) OR (version:>=9.18.0 AND version:<=9.18.39) OR (version:>=9.20.0 AND version:<=9.20.13) OR (version:>=9.21.0 AND version:<=9.21.12) OR (version:>="9.11.3-S1" AND version:<="9.16.50-S1") OR (version:>="9.18.11-S1" AND version:<="9.18.39-S1") OR (version:>="9.20.9-S1" AND version:<="9.20.13-S1")))LinkLink
10/21/2025Rapid Response: Squid Information Disclosure (CVE-2025-62168)softwareCriticalvendor:="Squid Cache" AND product:=Squid AND (version:>0 AND version:<7.2)LinkLink
10/15/2025Rapid Response: F5 CISA Emergency Directive (ED 26-01)assetsInfoos:="F5%"LinkLink
10/15/2025Rapid Response: Fortinet FortiSwitch Manager (CVE-2025-49201)softwareInfovendor:=Fortinet product:="FortiSwitchManager"LinkLink
10/15/2025Rapid Response: Fortinet FortiPAM (CVE-2025-49201)assetsInfoos:="Fortinet FortiPAM%"LinkLink
10/10/2025Rapid Response: Ivanti Endpoint Manager Multiple Vulnerabilities (2025-10)softwareInfovendor:=Ivanti product:="Endpoint Manager"LinkLink
10/08/2025Rapid Response: Oracle E-Business Suite RCE (CVE-2025-61882)softwareInfovendor:=Oracle product:="E-Business Suite"LinkLink
10/06/2025Rapid Response: Redis Multiple Vulnerabilities (2025-10)softwareCriticalvendor:=Redis AND product:=Redis AND (version:>0 AND ( (version:>=6.2 AND version:<6.2.20) OR (version:>=7.2 AND version:<7.2.11) OR (version:>=7.4 AND version:<7.4.6) OR (version:>=8.0 AND version:<8.0.4) OR (version:>=8.2 AND version:<8.2.2)))LinkLink
10/06/2025Rapid Response: Valkey Multiple Vulnerabilities (2025-10)softwareCritical(vendor:=valkey OR vendor:="Fedora Project") AND product:=valkey AND (version:>0 AND ( (version:>=7.2 AND version:<7.2.11) OR (version:>=8.0 AND version:<8.0.6) OR (version:>=8.1 AND version:<8.1.4)))LinkLink
10/04/2025Rapid Response: Smartbedded Meteobridge Command Injection (CVE-2025-4008)servicesInfo_asset.protocol:http AND protocol:http AND http.head.wwwAuthenticate:="Basic realm=%MeteoBridge%"LinkLink
Updated
Previous: Exposure management Next: Query library