SANS Stormcast Friday April 11th: Network Infraxploit; Windows Hello Broken; Dell Update; Langflow Exploit

Network Infraxploit
Our undergraduate intern, Matthew Gorman, wrote up a walk through of
CVE-2018-0171, an older Cisco vulnerability, that is still actively being
exploited. For example, VOLT TYPHOON recently exploited this problem.
https://isc.sans.edu/diary/Network+Infraxploit+Guest+Diary/31844
Windows Update Issues / Windows 10 Update
Microsoft updated its "Release Health" notes with details regarding issues
users experiences with Windows Hello, Citrix, and Roblox. Microsoft also released an emergency update for Office 2016 which has stability problems after applying the most recent update.
https://support.microsoft.com/en-us/topic/april-8-2025-kb5055523-os-build-26100-3775-277a9d11-6ebf-410c-99f7-8c61957461eb
https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#3521
https://support.microsoft.com/en-us/topic/april-10-2025-update-for-office-2016-kb5002623-d60c1f31-bb7c-4426-b8f4-69186d7fc1e5
Dell Updates
Dell releases critical updates for it's Powerscale One FS product. In particular, it fixes a default password problem.
https://www.dell.com/support/kbdoc/en-us/000300860/dsa-2025-119-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities
Langflow Vulnerablity (possible exploit scans sighted) CVE-2025-3248
Langflow addressed a critical vulnerability end of March. This writeup by Horizon3 demonstrates how the issue is possibly exploited. We have so far seen one "hit" in our honeypot logs for the vulnerable API endpoint URL.
https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/