Let's see how we can help you!
Leave a message and our dedicated advisor will contact you.
Send us a message
0/10000
Top Critical Vulnerabilities of the Week: September 2025
Published: 00:00 09/12/2025
Podatności
Microsoft Vulnerabilities: Windows, Office, Azure
- CVE-2025-55232 (CVSS 9.8): Microsoft High Performance Compute Pack – allows remote code execution by an unauthenticated attacker through deserialization of untrusted data. The vulnerability is potentially "wormable" and requires immediate patching.
- CVE-2025-55234 (CVSS 8.8): Windows SMB Server – allows for a relay attack and privilege escalation. Enabling SMB Signing and EPA is recommended.
- CVE-2025-54918 (CVSS 8.8): Windows NTLM – this vulnerability allows for privilege escalation to privileged accounts; used in attacks targeting the SYSTEM account.
- CVE-2025-55226, CVE-2025-55228, CVE-2025-55236: Windows Graphics Kernel – allow for remote code execution by winning race conditions or through authentication errors.
- CVE-2025-55224: Windows Hyper-V – remote code execution by an authenticated user.
- CVE-2025-54910: Microsoft Office – a heap-based buffer overflow allowing remote code execution after opening a malicious file.
- CVE-2025-53799: Windows Imaging Component – allows for the disclosure of memory fragments to unauthorized users.
Android
- CVE-2025-38352: Kernel – a zero-day, actively exploited for privilege escalation without user interaction.
- CVE-2025-48543: Android Runtime – a zero-day, allows for privilege escalation, active exploitation.
- CVE-2025-48539: System component – a critical RCE, requires immediate update.
Infrastructure and ICS
- Critical vulnerabilities in Rockwell and ABB systems in industrial sectors – allow for taking control and escalating privileges in OT/ICS networks.
Others
- Sangoma: A critical zero-day – a flaw in communication systems, enabling data leakage.
- Salesloft Drift OAuth: An OAuth vulnerability allowing exfiltration attacks in sales automation systems.
Sources and Recommendations
Patch Tuesday: Crowdstrike, Tenable, BleepingComputer
SecurityAffairs, CyberScoop, Splashtop
Android Security Bulletin
CISA, IndustrialCyber, Capturethebug
Immediate patching of production environments and updating systems for the listed vulnerabilities is recommended. Delaying the deployment of patches significantly increases the risk of IT infrastructure compromise.
For detailed information about the latest Patch Tuesday, see our article on Microsoft's September patches. To better understand zero-day vulnerability mechanisms, read our comprehensive guide to 0-day vulnerabilities.
About the Author
Aleksander Zębrowski
Chief Technology Officer at SecurHub.pl
PhD candidate in neuroscience. Psychologist and IT expert specializing in cybersecurity.
Related Articles
Podatności
Patch Tuesday: Microsoft Patches Two Zero-Days and a Critical NTLM Flaw
September's Patch Tuesday brings 84 security fixes, including for two actively exploited zero-day vulnerabilities. Administrators should pay close attention to a critical flaw in Windows NTLM.
15.09.2025
3 min
Podatności
Critical "SessionReaper" Vulnerability in Adobe Commerce and Magento
Adobe warns of a critical vulnerability, CVE-2025-54236 "SessionReaper," which allows for customer account takeover in Adobe Commerce and Magento platforms.
13.09.2025
2 min
Podatności
Cl0p Steals Data Through Oracle Vulnerability – Is Your Company Next in Line?
The Cl0p ransomware group exploited a zero-day in Oracle E-Business Suite (CVE-2025-61882), stealing data from multiple companies in August. Oracle just released a patch, but experts warn: check your systems now, as attacks continue.
06.10.2025
4 min
Comments
Loading comments...