Rapid responses
runZero’s Rapid Response program provides immediate detection and notification of emerging threats. Each Rapid Response includes a query to find matching assets, a trigger to analyze all inventories for exposure, and a corresponding blog post with the details of the issue. This program focuses on helping customers mitigate exposures before compromise.
Vulnerabilities covered by the Rapid Response program are replaced by more specific coverage as mitigations become available.
Latest Rapid Responses
| Date | Name | Type | Severity | Query | US SaaS Link | EU SaaS Link |
|---|---|---|---|---|---|---|
| 09/30/2025 | Rapid Response: VMware Aria Operations Local Privilege Escalation (CVE-2025-41244) | services | Info | _asset.protocol:http AND protocol:http AND has:last.html.title AND last.html.title:="VMware Aria Operations" | Link | Link |
| 09/25/2025 | Rapid Response: Cisco ASA and FTD Multiple Vulnerabilities (September 2025) | assets | Info | (os:="Cisco Adaptive Security Appliance" OR hw:="Cisco ASA%") AND (protocol:http OR protocol:tls) | Link | Link |
| 09/24/2025 | Rapid Response: Cisco IOS and IOS XE SNMP DoS and RCE Vulnerability (CVE-2025-20352) | assets | Info | (os:="Cisco IOS" OR os:="Cisco IOS XE" OR hw:="Cisco Meraki MS390%" OR hw:="Cisco Meraki C9300%") AND has:snmp.v2DefaultCommunities | Link | Link |
| 09/23/2025 | Rapid Response: SolarWinds Web Help Desk RCE (CVE-2025-26399) | software | Critical | vendor:=SolarWinds AND (product:="Web Help Desk" OR product:="webhelpdesk") AND (version:>0 AND version:<12.8.7.2174) | Link | Link |
| 09/19/2025 | Rapid Response: Fortra GoAnywhere MFT License Servlet Deserialization Vulnerability (CVE-2025-10035) | software | Critical | vendor:=Fortra AND (product:="Goanywhere Managed File Transfer" OR product:="GoAnywhere MFT%") AND (version:>0 AND version:<7.8.4 AND NOT version:=7.6.3) | Link | Link |
| 09/18/2025 | Rapid Response: WatchGuard Firebox IKED RCE (CVE-2025-9242) | assets | Info | os:="WatchGuard Fireware" | Link | Link |
| 09/17/2025 | Rapid Response: Daikin Security Gateway Authentication Bypass (CVE-2025-10127) | services | Info | _asset.protocol:http AND protocol:http AND has:html.title AND html.title:="Security GW" AND has:favicon.ico.image.mmh3 AND favicon.ico.image.mmh3:="1417553504" | Link | Link |
| 09/12/2025 | Rapid Response: Dassault Systèmes (3DS) DELMIA Apriso RCE (CVE-2025-5086) | services | Info | _asset.protocol:http AND protocol:http AND has:last.html.title AND last.html.title:="DELMIA Apriso%" | Link | Link |
| 09/09/2025 | Rapid Response: Adobe Commerce & Magento Session Takeover With Unconfirmed RCE (CVE-2025-54236) | software | Critical | vendor:=Adobe AND product:=Magento AND (version:>0 AND version:<="2.4.9-alpha2") | Link | Link |
| 09/09/2025 | Rapid Response: SAP NetWeaver (RMI-P4) Insecure Deserialization (CVE-2025-42944) | software | Critical | vendor:=SAP AND product:"NetWeaver" AND (version:>0 AND version:<=7.50) | Link | Link |
| 09/03/2025 | Rapid Response: Sangoma FreePBX RCE (CVE-2025-57819) | software | Critical | ((vendor:=FreePBX AND product:=PBX) OR (vendor:=Sangoma AND product:=FreePBX)) AND (version:>0 AND (version:<"15.0.66(%)" OR version:<"16.0.89(%)" OR version:<"17.0.3(%)")) | Link | Link |
| 08/29/2025 | Rapid Response: Arcserve Unified Data Protection < 10.2 Heap Overflow Vulnerabilities | software | Info | (vendor:=Arcserve OR vendor:="Arcserve (USA)") AND (product:=UDP OR product:="Arcserve Unified Data Protection") AND version:<10.2 | Link | Link |
| 08/26/2025 | Rapid Response: NetScaler ADC And NetScaler Gateway Multiple Vulnerabilities | assets | Info | hw:="Citrix Netscaler Gateway" OR os:="Citrix ADC" OR os:="Citrix NetScaler" | Link | Link |
| 08/22/2025 | Rapid Response: Rockwell Automation ControlLogix Ethernet RCE (CVE-2025-7353) | services | Critical | (_asset.protocol:="ethernetip" OR asset.protocol:="ethernetip-udp") AND protocol:"ethernetip" AND (ethernetip.product:="1756-EN2T/D" OR ethernetip.product:="1756-EN2F/C" OR ethernetip.product:="1756-EN2TR/C" OR ethernetip.product:="1756-EN3TR/B" OR ethernetip.product:="1756-EN2TP/A") AND (ethernetip.revision:<"12" OR ethernetip.revision:"12.0%") | Link | Link |
| 08/20/2025 | Rapid Response: Trend Micro Apex One OS Command Injection Vulnerabilities | software | Info | vendor:="Trend Micro" product:="Apex One" | Link | Link |
| 08/15/2025 | Rapid Response: Plex Media Server 1.41.7.X To 1.42.0.X < 1.42.1 Undisclosed Vulnerability (CVE-2025-34158) | software | Medium | vendor:=Plex AND product:"Media Server" AND (version:>0 AND version:<"1.42.1") | Link | Link |
| 08/14/2025 | Rapid Response: Multiple Vulnerabilities In N-Able N-Central | software | Info | vendor:="N-able" product:="N-central" | Link | Link |
| 08/14/2025 | Rapid Response: Fortinet FortiWeb Authentication Bypass (CVE-2025-52970) | software | Info | vendor:=Fortinet AND product:=FortiWeb | Link | Link |
| 08/13/2025 | Rapid Response: Fortinet FortiSIEM OS Command Injection (CVE-2025-25256) | software | Info | vendor:="Fortinet" product:="FortiSIEM" | Link | Link |
Updated