ADVISORIES
VerSprite’s Research and Development Division (VS-Labs)
is dedicated to pioneering security research through rigorous analysis & innovation.
We uncover vulnerabilities, develop proactive solutions, and provide insights that empower organizations to stay ahead of emerging cyber threats.
| Product | Date | Vulnerability | CVE ID |
|---|---|---|---|
| Azure Bastion Elevation of Privilege Vulnerability | 24 November 2025 | Azure Bastion vulnerability CVE-2025-49752 is a critical authentication bypass (elevation of privilege) issue impacting all Azure Bastion deployments prior to the patch released on November 20, 2025. This flaw lets an unauthenticated attacker gain administrative access to virtual machines through replaying captured credentials, with a CVSS severity of 10.0. | CVE-2025-49752 |
| Opto 22 PAC Control Basic | 23 April 2021 | OOB[R] due to improper bounds checking | CVE-2021-30495 |
| Opto 22 PAC Control Basic Figma | 13 April 2021 | OOB[R] due to improper bounds checking. | CVE-2021-30495 |
| Razer Synapse 3 Permissions Vulnerability | 13 April 2021 | Incorrect Permissions Assignment for Critical Resource | CVE-2021-30493 |
| CyberGhost 6 for Windows | 4 May 2018 | Privilege Escalation | CVE-2018-10646 |
| Waves MaxxAudio | 1 July 2019 | Privilege Escalation | CVE-2019-13208 |
| AccuPOS | 23 August 2018 | Incorrect Permission Assignment for Critical Resource | CVE-2018-15809 |
| VMAC for Verix | 25 March 2019 | Buffer Overflow | CVE-2019-10060 |
| SolarWinds Orion NPM | 4 December 2018 | Remote Code Execution | CVE-2019-8917 |
| POSIM EVO for Windows | 23 August 2018 | Use of Hard-Coded Database Credentials | CVE-2018-15808 |
| POSIM EVO for Windows | 23 August 2018 | Client Login "Override" | CVE-2018-15807 |
| Airmail 3 for Mac | 21 August 2018 | EventHandler Race Condition | CVE-2018-15670 |
