Safeguarding Technovate: Your Digital Fortress — Explore Cutting-Edge Tech

Critical Redis Vulnerabilities: Urgent Update Needed

Redis' security compromised. Update now to avoid data breaches and system compromises.

, and Administrator

2025 October 8 . 2:08 PM

1 min read

In the middle of the picture there is an insect. The insect is on a red surface.

Critical Redis Vulnerabilities: Urgent Update Needed

A serious security threat has been identified in the popular open-source database Redis. IT administrators are urged to update their installations immediately to patch four critical vulnerabilities. The vulnerabilities, discovered by IT security researchers from Wiz, allow malicious LUA scripts to manipulate memory, cause crashes, and execute arbitrary code.

The most severe vulnerability, tracked as CVE-2025-46819 and EUVD-2025-32327, enables crafted LUA scripts to access memory outside designated areas, leading to server crashes and denial of service. Another vulnerability, CVE-2025-46818 and EUVD-2025-32328, allows LUA scripts to manipulate other LUA objects and execute their own code in the context of other users. A third issue, CVE-2025-46817 and EUVD-2025-32363, can cause an integer overflow, facilitating code injection from the internet.

To mitigate these risks, Redis instances should be updated to version 8.2.2 or newer. Linux distributions are expected to provide updated packages soon. IT administrators should prioritize these updates to protect their systems. Additionally, registered users should be cautious when executing LUA scripts, as they could potentially be manipulated to execute malicious code from the network, as per CVE-2025-49844 and EUVD-2025-32326.

The Redis database is widely used, and these vulnerabilities pose a significant risk to many systems. IT administrators should take immediate action to update their installations. The updates close four critical security vulnerabilities and protect against potential data breaches and system compromises. Linux distributions are also urged to provide updated packages promptly to ensure the security of their users.

Latest

In the picture I can see dial gauge of a wrist watch.

Smart-home-devices

Longines Revives Classic Spirit Zulu Time in Titanium

The legendary Spirit Zulu Time returns in a lightweight, durable titanium case. Its dual-time functionality makes it perfect for modern adventurers.

, and Administrator

2025 October 9

In this image, we can see an advertisement contains robots and some text.

Harnessing the Power of AI

Target Leads Retail Innovation with Generative AI Expansion

Target's AI gift finder was a holiday hit. Now, it's set to revolutionize shopping for other seasons, preparing for a future where AI assistants shop for us.

, and Administrator

2025 October 9

In this image we can see there is a tool box with so many tools in it.

Harnessing the Power of AI

AI Revolutionizes Software Testing and Development

AI is transforming software testing and development, offering substantial benefits. But are organizations ready for this AI revolution?

, and Administrator

2025 October 9

In this picture there is a bottle of cool drink and RISK word is written at the top of the bottle...

Mastering Money Matters

NIST Introduces Enterprise Risk Profile for Cybersecurity Management

NIST's new report offers a game-changer for cybersecurity risk management. The enterprise risk profile helps organisations compare and manage all risks in one place.

, and Administrator

2025 October 9

Critical Redis Vulnerabilities: Urgent Update Needed

Critical Redis Vulnerabilities: Urgent Update Needed

Read also:

Related

Latest