Under Attack?
Threat advisory: multiple critical remote code execution vulnerabilities affecting Microsoft windows platforms
advisory ID: ADV-2025-ALL-05
date issued: 14 May 2025
severity: Critical (CVE-2025-29966), High (CVE-2025-30397)
CVSs scores:
Posts about:
Breaches, Alerts & Advisories
CVE-2025-3248 - RCE flaw in Langflow framework for building AI agents exploited by attackers
CVSS Base Score: 9.8 CRITICAL
Security Advisory: CVE-2025-22457 – Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
A critical vulnerability, CVE-2025-22457, has been identified in Ivanti Connect Secure (ICS), Pulse Connect Secure (PCS), Ivanti Policy Secure, and ZTA Gateways. This stack-based buffer overflow allows remote, unauthenticated attackers to execute arbitrary code on affected devices. The flaw is currently being actively exploited by a suspected Chinese advanced persistent threat (APT) group, UNC5221, to deploy custom malware families, TRAILBLAZE and BRUSHFIRE, facilitating persistent access and deep network intrusion.
CVE-2025-29927: Critical Authentication Bypass Vulnerability in Next.js
Next.js is a popular development library for web developers. In the authentication section of the library in affected versions, there is a vulnerability which would allow an attacker to bypass authentication, potentially gaining access to sensitive data or maninpulating targeted accounts.
Critical Veeam Vulnerability (CVE-2025-24201) Allows Code Execution via Deserialization
A critical remote code execution (RCE) vulnerability, identified as CVE-2025-23120, has been discovered in Veeam Backup & Replication (VBR). This flaw allows authenticated domain users to execute arbitrary code on the affected system. The vulnerability has been assigned a CVSS v3.1 score of 9.9, indicating its critical severity.
CVE-2025-27364 - MITRE Caldera Remote Code Execution
Overview:
MITRE Caldera is an open-source cyber security platform designed for automating adversary emulation, red teaming, and threat hunting. It allows security teams to simulate real-world cyber threats, test defences, and improve incident response.
CVE-2025-21298: Windows OLE Remote Code Execution Vulnerability
CVE-2025-21298 is a critical vulnerability present in the windows OLE that enables a remote code execution with a CVSS severity of 9.8. Object Linking and Embedding (OLE) is a proprietary technology developed by Microsoft that allows embedding and linking to documents and objects.
CVE-2024-55591/CVE-2025-24472 - Exploited in the Wild: Authentication bypass in Node.js websocket module and CSF requests – Critical/High!
UPDATED ON 12/02/2025:
LDAPNightmare: Windows LDAP vulnerability demands immediate attention
When a new security vulnerability emerges, there’s often a small window of time to respond before attackers start exploiting it in the wild. For LDAPNightmare (CVE-2024-49112), that window is quickly closing.
16 Critical Vulnerabilities Fixed: Immediate Patching Recommended
Microsoft’s latest Patch Tuesday release addressed 16 critical vulnerabilities, all classified as remote code execution flaws—a stark reminder of the importance of proactive patch management.
Threat Advisory Veeam critical RCE Bug in service provider console (VSPC)
The recently discovered vulnerabilities in Veeam Service Provider Console, tracked as CVE-2024-42448 and CVE-2024-42449, have been classified as critical and high severity. If exploited, these vulnerabilities could severely undermine system integrity and operational security, jeopardising sensitive data and backup operations.
Bargains & Breaches: Staying Secure this Black Friday and Cyber Monday
It’s that time of the year again when shoppers get ready to take advantage of the upcoming Black Friday and Cyber Monday sales. It’s also the time of the year when cyber criminals seek to take advantage of those bargain hunters.
