September 15, 2025
Threat Hunting MCP Server, two new scanners, and two new risk fingerprints.
Platform
Threat Hunting Module
- Use the Threat Hunting Model Context Protocol (MCP) Server to give your AI agents access to Censys Threat Hunting APIs, empowering you to find and investigate potential threats at machine speed.
New protocol and application scanners
Added scanners for the following services.
| Protocol/application | Query |
|---|---|
CRESTRON_OVER_IP | Platform query |
MIKROTIK_WINBOX | Platform query |
New fingerprints
Added the following fingerprints.
Type | Name | Description | Query |
|---|---|---|---|
risk | Vulnerable SAP NetWeaver AS Java [CVE-2025-42922] | SAP NetWeaver AS Java (Deploy Web Service component), versions under J2EE-APPS 7.50, is vulnerable to an insecure file operations issue. The flaw allows an attacker with non-administrative authenticated access to upload arbitrary files through the deployment web service. Once an uploaded file is executed, the attacker may achieve full system compromise. | ASM risk query: |
risk | Vulnerable Sitecore Experience Platform [CVE-2025-53690] | Sitecore Experience Manager (XM) and Sitecore Experience Platform (XP) versions through 9.0.2 are affected by a critical deserialization vulnerability tracked as CVE-2025-53690. This vulnerability allows remote attackers to inject arbitrary code through deserialization of untrusted data, potentially leading to remote code execution. | ASM risk query: |