SANS Stormcast Monday, August 18th, 2025: 5G Attack Framework; Plex Vulnerability; Fortiweb Exploit; Flowise Vuln

SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations Researchers from the Singapore University of Technology and Design released a new framework, SNI5GECT, to passively sniff and inject traffic into 5G data streams, leading to DoS, downgrade and other attacks. https://isc.sans.edu/diary/SNI5GECT%3A%20Sniffing%20and%20Injecting%205G%20Traffic%20Without%20Rogue%20Base%20Stations/32202 Plex Vulnerability Plex patched a vulnerability in the Plex Media Server. Make sure you have...

SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations
Researchers from the Singapore University of Technology and Design released a new framework, SNI5GECT, to passively sniff and inject traffic into 5G data streams, leading to DoS, downgrade and other attacks.
https://isc.sans.edu/diary/SNI5GECT%3A%20Sniffing%20and%20Injecting%205G%20Traffic%20Without%20Rogue%20Base%20Stations/32202
Plex Vulnerability
Plex patched a vulnerability in the Plex Media Server. Make sure you have updated to at least 1.42.1.
https://forums.plex.tv/t/plex-media-server-security-update/928341
FortiWeb Exploit Public
A security researcher published details about the recent FortiWeb vulnerability, including demonstrating a PoC exploit.
https://www.bleepingcomputer.com/news/security/researcher-to-release-exploit-for-full-auth-bypass-on-fortiweb/
Flowise OS vulnerability
https://research.jfrog.com/vulnerabilities/flowise-os-command-remote-code-execution-jfsa-2025-001380578/