Skip to main content

Product Updates

See all of our release notes and learn about helpful features

Censys Release Notes for April 28, 2025

The following enhancements and improvements are now available to Censys users.PlatformFind the information you need in the Censys Platform faster using the new web app landing page. The new landing page includes a rotating selection of example queries, data aggregations, new onboarding steps, and more.   Use the new Filter my results to display services or endpoints that match my query option on the Report Builder to limit the report results to only the services or endpoints that match your query. This option helps you build more focused reports.    The maximum number of report buckets has also been increased to 2,000.   Integrate Censys Platform functionality with your automated workflows with the new Python and Go SDKs. The Python SDK is also available on PyPI. ASMThe new Ports & Protocols Dashboard enables you to understand exactly which ports are open in your attack surface across the full 65,535-port range. This allows you to quickly determine whether there are any open ports that are misconfigured or non-compliant with your organization’s policy.   The dashboard also shows which protocols are present on your ports. ASM identifies whether these protocols are on standard ports, as defined by IANA. New fingerprintsAdded the following fingerprints. Type Name Description Query software DPanel This is a DPanel Docker Server. Platform queryLegacy Search query risk WINRM Service Exposed Windows Remote Management (WinRM) is a Microsoft protocol used for remotely managing Windows systems via PowerShell and other tools. While powerful for automation and administration, exposing WinRM to the internet is dangerous because it can allow attackers to execute remote commands, especially if using weak or default credentials. It supports basic and NTLM authentication, which can be intercepted or brute-forced, particularly over unencrypted HTTP (port 5985). Without proper safeguards like VPN access,strong auth, and firewalls, an exposed WinRM service is a high-risk entry point for attackers. ASM query  

Related products:Censys SearchCensys Attack Surface Management (ASM)Censys Platform

Censys Release Notes for April 14, 2025

The following enhancements and improvements are now available to Censys users.Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.Vulnerability in FortiSwitch Allows Unauthenticated Attackers to Change Admin Passwords (CVE-2024-48887) Use the following queries to find Fortinet FortiSwitch instances. Not all of these are necessarily vulnerable, as specific version information may not be available. Platform query Legacy Search query ASM query Actively Exploited Deserialization Vulnerability in Gladinet CentreStack Secure File Sharing Software (CVE-2025-30406) The queries below can be used to identify exposed instances of Gladinet CentreStack, but they are not necessarily vulnerable to the exploit. Platform query Legacy Search query ASM query ASM risk query This query can be used to identify exposed instances of Gladinet CentreStack that are vulnerable to the exploit. New fingerprintsAdded the following fingerprints. Type Name Description Query software Gladinet Centrestack This is a Gladinet Centrestack Server. Platform queryLegacy Search query software Fortinet FortiSwitch This is a Fortinet FortiSwitch device. Platform queryLegacy Search query software Dell PowerProtect Dell PowerProtect Data Domain and Data Manager Platform queryLegacy Search query software CE-WAF Proactive Web Application Firewall CE-WAF is a custom or internal Web Application Firewall solution Platform queryLegacy Search query software Aikido Zen WAF ZenWAF is a Web Application Firewall solution produced by Aikido Platform queryLegacy Search query risk Vulnerable Gladinet CentreStack [CVE-2025-30406] Gladinet CentreStack through version 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use. ASM risk query  

Related products:Censys SearchCensys Attack Surface Management (ASM)Censys Platform

Censys Release Notes for April 7, 2025

The following enhancements and improvements are now available to Censys users.Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.Unauthenticated Auth Bypass Vulnerability in CrushFTP [CVE-2025-31161] Use the following queries to find CrushFTP services. Not all of these are necessarily vulnerable, as specific version information may not be available. Platform query Legacy Search query ASM query ASM risk query This query can be used to identify exposed instances of CrushFTP that are vulnerable to the exploit. Unauthenticated RCE Vulnerability in Ivanti Connect & Policy Secure and ZTA Gateway [CVE-2025-22457] Use the following queries to find Ivanti Connect Secure services. Not all of these are necessarily vulnerable, as specific version information may not be available. Platform query Legacy Search query ASM query ASM risk query This query can be used to identify exposed instances of Ivanti Connect Secure that are vulnerable to the exploit. New FingerprintsAdded the following fingerprints. Type Name Description Query risk Vulnerable CrushFTP [CVE-2025-2825, CVE-2025-31161] CrushFTP contains an unauthenticated authentication bypass vulnerability. This affects CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. There are two CVE-IDs because the original CVE-2025-2825 was assigned by VulnCheck, but the vendor has identified the CVE-ID as CVE-2025-31161. ASM query risk Vulnerable Ivanti Connect Secure Application [CVE-2025-22457] This Ivanti Connect Secure (before 22.7R2.6) application is vulnerable to CVE-2025-22457. This vulnerability allows an unauthenticated attacker to achieve remote code execution. ASM query software Medsynapse PACS Medsynapse PACS is a web-based picture archiving and communication system (PACS) for transfer of medical images within and outside hospitals. Platform queryLegacy Search query  

Related products:Censys SearchCensys Attack Surface Management (ASM)Censys Platform

Censys Release Notes for April 2, 2025

The following enhancements and improvements are now available to Censys users.Censys PlatformUse Collections to track and monitor the results of a Censys query over time.  Save time and resources by creating a collection and configuring alerts to track new assets that match your queries.  Collections track both additions and subtractions to assets that match your queries. Configure collection webhooks to receive real-time alerts for any changes within your collections. Collections are currently available to Platform Starter users. Learn more about Collections in the Censys Academy. Censys ASMUse risk evidence to understand how Censys ASM detected a risk and determine whether a risk requires further validation before it is prioritized for remediation.  Risk evidence links directly to the scan data that includes the evidence for risk. This enables you to accelerate your investigations and use Censys data to find and close risks faster. Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.Authentication Bypass Vulnerability in Next.js [CVE-2025-29927] Use the following queries to map Next.js services. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Platform query Censys Platform query for Next.js services that expose a version Censys Legacy Search query Censys ASM query Censys ASM risk query New protocolsAdded support for the following protocols. Protocol Query CHECK_MK_AGENT Censys Platform query NATS_IO Censys Platform query  New fingerprintsAdded the following fingerprints. Type Name Description Query risk Exposed Kubernetes Ingress NGINX Admission Controller The affected service exposes a Kubernetes Ingress NGINX Admission Controller. This controller is vulnerable to multiple critical unauthenticated Remote Code Execution vulnerabilities collectively known as "IngressNightmare" (CVE-2025-1974, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, CVE-2025-24513). Exploitation can lead to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster, which could result in complete cluster takeover. Censys ASM query risk Vulnerable Next.js [CVE-2025-29927] Next.js contains a vulnerability that could allow an attacker to execute arbitrary code through a specially crafted request. This affects versions 11.1.4 through 12.3.5, 13.0.0 through 13.5.9, 14.0.0 through 14.2.25, and 15.0.0 through 15.2.3. Censys ASM query  

Related products:Censys SearchCensys Attack Surface Management (ASM)Censys Platform

Censys Release Notes for March 10, 2025

The following enhancements and improvements are now available to Censys users.Censys ASMUse our new ServiceNow CMDB integration to automatically send your Censys ASM asset inventory to ServiceNow. All Censys ASM asset inventory types (hosts, web entities, storage buckets, certificates, and domains) are supported. Censys ASM asset attributes like tags, labels, and location are also exported to ServiceNow. Filter what gets sent to CMDB based on ASM tags or source information. Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.BIG-IP iControl REST and tmsh Vulnerability [CVE-2025-20029] Use the following queries to find instances of the F5 BIG-IP Configuration Utility. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Platform query Censys Legacy Search query Censys ASM query Tenda AC7 Stacked-Based Buffer Overflow Vulnerability with PoC [CVE-2025-1851] Use the following queries to find Tenda Routers. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Platform query Censys Legacy Search query Censys ASM query New and updated fingerprintsThe following fingerprints have been added or improved. Type Name Description Query software Konica Minolta Bizhub Konica Minolta Bizhub printer management web interface. Platform queryLegacy Search query software Konica Minolta PageScope Web Connection Konica Minolta PageScope Web Connection is a web-based interface used for managing and configuring Konica Minolta multifunction printers (MFPs) and networked devices. Platform queryLegacy Search query software F5 BIG-IP Access Policy Manager (APM) This BIG-IP platform is running the Access Policy Manager (APM) module. The article in the references section lists these cookies and mentions that they are used to track user sessions of BIG-IP APM access profiles. Platform queryLegacy Search query risk Exposed WatchGuard Firewall An http.response.service is exposing a WatchGuard firewall. ASM query  

Related products:Censys SearchCensys Attack Surface Management (ASM)Censys Platform

Censys Release Notes for February 20, 2025

The following enhancements and improvements are now available to Censys users.Censys PlatformThe new Censys Platform is now available. The Censys Platform gives you sharper insights into internet-facing assets and actionable intelligence to mitigate risks. Read our new documentation for the Censys Platform to learn how to use the new datasets, query language, and additional functionality. This initial release of the Platform is available to Free and Starter license users. Additional features and support for Enterprise customers will be released in the coming weeks. Censys SearchDeployed improvements to the automatic protocol detection of certain protocols running on non-standard ports. Added support for Trend Micro Locality Sensitive Hash (TLSH) of HTTP bodies. These values are present in the services.http.response.body_hashes field and are prepended by tlsh. Censys ASMUpdated the Saved Query Automation configuration UI in the ASM console. You can now configure saved query alerts as well as auto-tagging (see below) from the new “Automate” menu for saved queries. Save time and accelerate research and remediation by automating manual workflows with auto-tagging.  Whenever an asset matches a saved query, that asset is tagged. When an asset no longer matches the saved query, the asset is untagged.  Auto-tagging checks for new or removed assets every hour. You can enable or disable Auto-tagging in the updated Saved Query Automation UI. Auto-tagging is available to ASM Enterprise customers. Learn more about Saved Query Automation in this video.   Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.Critical Vulnerabilities in Ivanti Connect Secure, Policy Secure, and CSA [CVE-2025-22467 & 3 Others] Use the following queries to map Ivanti products. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Platform query Censys Search query Censys ASM query Censys ASM risk query [CVE-2024-10644 & CVE-2024-38657] Censys ASM risk query [CVE-2025-22467] New FingerprintsAdded the following fingerprints. Type Name Description Query risk Vulnerable Ivanti Connect Secure Application [CVE-2024-10644 & CVE-2024-38657] This Ivanti Connect Secure (before 22.7R2.4) application is vulnerable to CVE-2024-10644 & CVE-2024-38657. CVE-2024-10644 is a code injection vulnerability and CVE-2024-38657 is an OS injection vulnerability. Both vulnerabilites require the attacker to be authenticated with administrative privileges and have the potential impact of remote code execution if exploited. ASM query risk Vulnerable Ivanti Connect Secure Application [CVE-2025-22467] This Ivanti Connect Secure (before 22.7R2.6) application is vulnerable to CVE-2025-22467, a stack based overflow vulnerability that allows a remote authenticated attacker to achieve remote code execution. ASM query  

Related products:Censys SearchCensys Attack Surface Management (ASM)Censys Platform

Censys Release Notes for February 3, 2025

The following enhancements and improvements are now available to Censys ASM and Search customers.Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.SonicWall RCE Vulnerability Added to CISA KEV [CVE-2025-23006] Use the following queries to identify the SonicWall products associated with this issue. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query Censys ASM risk query New ProtocolsAdded support for the following protocols. Protocol Description Query NFS_MOUNTD A protocol scanner for NFS mount daemon. This daemon implements the server side of the NFS MOUNT protocol. Search Query  New FingerprintsAdded the following fingerprints. Type Name Description Query risk Vulnerable SonicWall Secure Mobile Access [CVE-2025-23006] This SonicWall Secure Mobile Access VPN is vulnerable to CVE-2025-23006. This vulnerability was patched via the following hotfix: 12.4.3-02854. This means that version 12.4.3 is potentially vulnerable to the exploit as we cannot see the full build number. The vulnerability specifically targets the Central and Appliance Management Consoles of SMA VPNs. ASM Query software Huawei Inner Web UI This is a Huawei Inner Web UI Management Interface. Search Query  

Related products:Censys SearchCensys Attack Surface Management (ASM)

Censys Release Notes for January 21, 2025

The following enhancements and improvements are now available to Censys ASM and Search customers.Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.Qlik Sense RCE Vulnerability Added to CISA KEV [CVE-2023-48365] Use the following queries to map Qlik Sense products. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query Aviatrix Controller Vulnerability Exploited in the Wild [CVE-2024-50603] Use the following queries to map Aviatrix Controller products.​​ Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query Censys ASM risk query Zero-Day Vulnerability in FortiOS and FortiProxy Added to CISA KEV [CVE-2024-55591] Use the following queries to identify FortiOS and ForiProxy services. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query See this blog from the Censys Research Team for more information about this issue. New FingerprintsAdded the following fingerprints. Type Name Description Query software Qlik Sense This is a Qlik Sense data analytics and visualization tool. Search Query software Aviatrix Controller This is an Aviatrix Controller service. Search Query software Ivanti Endpoint Manager Mobile This is an Ivanti Endpoint Manager Mobile service. Search Query software Hytera SmartOne This is a Hytera SmartOne service. Search Query risk Vulnerable Aviatrix Controller Application [CVE-2024-50603] This Aviatrix Controller Application is running an out-of-date version that is vulnerable to CVE-2024-50603, allowing an unauthenticated attacker to execute arbitrary code. ASM Query  

Related products:Censys SearchCensys Attack Surface Management (ASM)

Censys Release Notes for January 13, 2025

The following enhancements and improvements are now available to Censys ASM and Search customers.Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.GFI KerioControl Susceptible to 1-Click RCE Vulnerability [CVE-2024-52875] Use the following queries to find GFI KerioControl firewalls. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query Actively Exploited Unauthenticated RCE in Ivanti Connect Secure [CVE-2025-0282] Use the following queries to find exposed Ivanti Connect Secure instances. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query Censys ASM risk query Oracle WebLogic Vulnerability Added to CISA KEV [CVE-2020-2883] Use the following queries to find Oracle WebLogic servers. Not all of these are necessarily vulnerable, as specific version information may not be available.  Censys Search query Censys ASM query Censys ASM risk query New ProtocolsAdded support for the following protocols.  Protocol Description Query EZVIZ Used for EZVIZ smart home cameras. Search Query ADB (Android Debug Bridge) The communication protocol used by the Android Debug Bridge tool. Search Query GIT The protocol used to transfer data between a GIT client and server. Search Query SNPP (Simple Network Paging Protocol) Used for sending and receiving paging messages. Search Query RSH A legacy protocol used to execute commands on a remote host. Search Query  New FingerprintsAdded the following fingerprints. Type Name Description Query software Oracle WebLogic This is an Oracle WebLogic Server. Search Query software Ivanti This web service was built or is owned by Ivanti. Search Query risk Vulnerable Oracle WebLogic Server [CVE-2020-2883] This Oracle WebLogic Server is vulnerable to CVE-2020-2883. ASM Query risk Vulnerable Ivanti Connect Secure Application [CVE-2025-0282 & CVE-2025-0283] This Ivanti Connect Secure (before 22.7R2.5) application is vulnerable to CVE-2025-0282 & CVE-2025-0283. ASM Query  

Related products:Censys SearchCensys Attack Surface Management (ASM)

Censys Release Notes for January 6, 2025

The following enhancements and improvements are now available to Censys ASM and Search customers.Censys ASMUse our new Wiz integration to ingest your cloud resources into Censys ASM and ensure that your inventory is always up to date.  Cloud resources sourced from Wiz will be added to your attack surface inventory for easy investigation and prioritization.  Currently, only hosts and web entities can be brought in from Wiz. Support for storage buckets will be added shortly. Learn more about how to use this integration in this video:   Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:Actively Exploited Vulnerability in BeyondTrust Products [CVE-2024-12356] Use the following queries to map BeyondTrust products. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query Actively Exploited Vulnerability in Palo Alto Networks PAN-OS [CVE-2024-3393] Use the following queries to identify Palo Alto PAN-OS products. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query New FingerprintsAdded the following fingerprints: Type Name Description Query software BeyondTrust Remote Support This is a device running BeyondTrust Remote Support software. Search Query software BeyondTrust Privileged Remote Access This is a device running BeyondTrust Privileged Remote Access software. Search Query  

Related products:Censys SearchCensys Attack Surface Management (ASM)

Censys Release Notes for December 23, 2024

The following enhancements and improvements are now available to Censys ASM and Search customers.Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:PoC Exploit Available for Mitel MiCollab VoIP Platform [CVE-2024-35286, CVE-2024-41713, CVE-2024-55550] Use the following queries to map Mitel services. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query Cleopocalypse: 70% of Cleo File Transfer Exposures may be Vulnerable to Unauthenticated RCE [CVE-2024-55956] Use the following queries to map Cleo services. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query Censys ASM risk query Actively Exploited Flaw in Apache Struts File Upload Logic [CVE-2024-53677] Use the following queries to identify Struts services. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query Additionally, this query can be used as a strong indicator of Apache Struts. However, it has a lower confidence level than the query above and requires further investigation on the host to confirm that Struts is in use. New FingerprintsAdded the following fingerprints: Type Name Description Query software Apache Struts This is an Apache Struts service. Search Query software Mitel MiCollab This is a Mitel MiCollab service. Search Query

Related products:Censys SearchCensys Attack Surface Management (ASM)

Censys Release Notes for December 16, 2024

The following enhancements and improvements are now available to Censys ASM and Search customers.Censys ASMAdded a card for Axonius to the Integrations Marketplace in the ASM console.  This integration is developed and maintained by Axonius.  Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:Unrestricted File Upload Vulnerability in Multiple Cleo File Transfer Products [CVE-2024-50623] Censys Search query Censys ASM query Censys ASM risk query Veeam Service Provider Console RCE [CVE-2024-42448] Use the following queries to map Veeam Service Provider Consoles. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query New FingerprintsAdded the following fingerprints: Type Name Description Query risk Vulnerable Cleo Instance [CVE-2024-50623] This service is running a vulnerable version of Cleo Harmony, VLTrader, and LexiCom that is affected by unauthenticated remote code execution vulnerability CVE-2024-50623. ASM Query software Cleo Harmony This is a Cleo Harmony Managed File Transfer server. Search Query software Fortinet FortiAIOps This is a Fortinet FortiAIOps server. FortiAIOps simplifies LAN and WAN network management and leverages artificial intelligence with machine learning for enhanced network operations. Search Query software Cleo VLTrader This is a Cleo VLTrader Managed File Transfer server. Search Query software Cleo LexiCom This is a Cleo LexiCom Managed File Transfer server. Search Query  

Related products:Censys SearchCensys Attack Surface Management (ASM)

Censys Release Notes for December 9, 2024

The following enhancements and improvements are now available to Censys ASM and Search customers.Censys ASMImplemented several improvements to the saved query automation UI in the ASM console: The number of results returned for a saved query is now displayed on its entry in the saved query menu. A warning is now displayed next to a saved query entry in the saved query menu if it is nearing or exceeding 40,000 results. Saved query automation cannot be enabled for saved queries that exceed 40,000 results. Updated the icons for automation configuration status in the saved query menu. Added the word “Resources” next to the question mark icon in the top right corner of the ASM console.Rapid ResponseThe Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:Actively Exploited RCE Vulnerability in ProjectSend [CVE-2024-11680] Use the following queries to map ProjectSend services. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query RCE Vulnerability in Progress WhatsUp Gold [CVE-2024-8785] Use the following queries to map WhatsUp Gold services. Not all of these are necessarily vulnerable, as specific version information may not be available. Censys Search query Censys ASM query New ProtocolsAdded support for the following protocols:FreeSWITCH

Related products:Censys SearchCensys Attack Surface Management (ASM)
featured-image