If you run Plex Media Server, you should update all the things as per this warning from Plex themselves:
We recently received a report via our bug bounty program that there was a potential security issue affecting PMS versions 1.41.7.x to 1.42.0.x. Thanks to that user, we were able to address the issue and continue to improve our security and defenses.
We strongly recommend that everyone have their PMS updated to the most recent version as soon as possible, if you have not already done so.
The new version, 1.42.1, is now available to update through the PMS management page or you can download it here: https://www.plex.tv/media-server-downloads/
Plex hasn’t shared any details regarding the vulnerability. But it’s a safe bet that threat actors are revers engineering what has been patched in order to pwn anyone who hasn’t updated.
Kudos to the white hat hacker, which is another way of saying that he or she is a hacker that is on the light side of the force, for bringing this to the attention of Plex instead of going over to the dark side.
Like this:
Like Loading...
Related
This entry was posted on August 15, 2025 at 2:52 pm and is filed under Commentary with tags Plex. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Plex Users Urged To Update Media Server After Security Flaw Exposed By White Hat Hacker
If you run Plex Media Server, you should update all the things as per this warning from Plex themselves:
We recently received a report via our bug bounty program that there was a potential security issue affecting PMS versions 1.41.7.x to 1.42.0.x. Thanks to that user, we were able to address the issue and continue to improve our security and defenses.
We strongly recommend that everyone have their PMS updated to the most recent version as soon as possible, if you have not already done so.
The new version, 1.42.1, is now available to update through the PMS management page or you can download it here: https://www.plex.tv/media-server-downloads/
Plex hasn’t shared any details regarding the vulnerability. But it’s a safe bet that threat actors are revers engineering what has been patched in order to pwn anyone who hasn’t updated.
Kudos to the white hat hacker, which is another way of saying that he or she is a hacker that is on the light side of the force, for bringing this to the attention of Plex instead of going over to the dark side.
Share this:
Like this:
Related
This entry was posted on August 15, 2025 at 2:52 pm and is filed under Commentary with tags Plex. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.