Threat advisory: multiple critical remote code execution vulnerabilities affecting Microsoft Windows platforms
Advisory ID: ADV-2025-ALL-05
Date issued: 14 May 2025
Severity: Critical (CVE-2025-29966), High (CVE-2025-30397)
CVSS scores:
CVSS Base Score: 9.8 CRITICAL
A critical vulnerability, CVE-2025-22457, has been identified in Ivanti Connect Secure (ICS), Pulse Connect Secure (PCS), Ivanti Policy Secure, and ZTA Gateways. This stack-based buffer overflow allows remote, unauthenticated attackers to execute arbitrary code on affected devices. The flaw is currently being actively exploited by a suspected Chinese advanced persistent threat (APT) group, UNC5221, to deploy custom malware families, TRAILBLAZE and BRUSHFIRE, facilitating persistent access and deep network intrusion.
Next.js is a popular development library for web developers. In affected versions, the authentication section of the library contains a vulnerability that would allow an attacker to bypass authentication, potentially gaining access to sensitive data or manipulating targeted accounts.
A critical remote code execution (RCE) vulnerability, identified as CVE-2025-23120, has been discovered in Veeam Backup & Replication (VBR). This flaw allows authenticated domain users to execute arbitrary code on the affected system. The vulnerability has been assigned a CVSS v3.1 score of 9.9, indicating its critical severity.
MITRE Caldera is an open-source cyber security platform designed for automating adversary emulation, red teaming, and threat hunting. It allows security teams to simulate real-world cyber threats, test defences, and improve incident response.
CVE-2025-21298 is a critical vulnerability in Windows OLE that enables remote code execution, with a CVSS severity of 9.8. Object Linking and Embedding (OLE) is a proprietary technology developed by Microsoft that allows embedding and linking to documents and objects.
UPDATED ON 12/02/2025:
When a new security vulnerability emerges, there’s often a small window of time to respond before attackers start exploiting it in the wild. For LDAPNightmare (CVE-2024-49112), that window is quickly closing.
Microsoft’s latest Patch Tuesday release addressed 16 critical vulnerabilities, all classified as remote code execution flaws—a stark reminder of the importance of proactive patch management.
The recently discovered vulnerabilities in Veeam Service Provider Console, tracked as CVE-2024-42448 and CVE-2024-42449, have been classified as critical and high severity. If exploited, these vulnerabilities could severely undermine system integrity and operational security, jeopardising sensitive data and backup operations.
It’s that time of the year again when shoppers get ready to take advantage of the upcoming Black Friday and Cyber Monday sales. It’s also the time of the year when cyber criminals seek to take advantage of those bargain hunters.