VYPR

Server Intrusion Protection (SIP)

by BullWall

CVEs (2)

  • CVE-2025-62004Dec 18, 2025
    risk 0.00cvss epss 0.00

    BullWall Server Intrusion Protection (SIP) services are initialized after login services during system startup. A local, authenticated attacker can log in after boot and before SIP MFA is running. The SIP services do not retroactively enforce MFA or disconnect sessions that were…

  • CVE-2025-62003Dec 18, 2025
    risk 0.00cvss epss 0.00

    BullWall Server Intrusion Protection has a noticeable configuration-dependent delay before the MFA check for RDP connections. A remote, authenticated attacker can potentially bypass detection during this delay. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other…