11th to 17th August 2025

Weekly Cyber Security Bulletin: 11th to 17th August 2025

8/19/2025

As cyber threats continue to evolve in sophistication and scale, organizations must stay vigilant. Our weekly security bulletin highlights the latest vulnerabilities, active attack campaigns, and key cybersecurity news from 11th to 17th August 2025.

1. Vulnerability Details

1.1 Microsoft Patch Tuesday – August 2025

Release Date: 12th August 2025
Vulnerabilities: 111 (16 Critical, 92 Important, 2 Moderate, 1 Low)
Notable CVEs: CVE-2025-53786 (Privilege Escalation in Exchange Server), CVE-2025-53779 (Windows Kerberos Zero-Day)
Affected Products: Microsoft Windows, Exchange Server, Edge browser
Description: Microsoft released security patches for 111 vulnerabilities across its product portfolio, addressing privilege escalation, remote code execution and information disclosure issues. Two items stand out. CVE-2025-53779 is an elevation-of-privilege flaw in Windows Kerberos that was publicly disclosed before the patch (Microsoft does not list it as exploited); it stems from the handling of delegated Managed Service Accounts (dMSA) on Windows Server 2025 domain controllers, and an attacker needs write access to specific dMSA attributes to use it, so it is a post-compromise escalation path rather than an initial-access bug. CVE-2025-53786 is a privilege escalation flaw in Exchange Server hybrid deployments that lets an attacker with administrative access to the on-premises Exchange server pivot into the connected Exchange Online tenant; installing the update alone is not sufficient, as Microsoft's guidance also requires switching to the dedicated Exchange hybrid application, and CISA issued Emergency Directive 25-02 requiring federal agencies to do so. Edge Chromium also received patches for 16 issues, including two spoofing vulnerabilities in Edge for Android.

Read more: https://msrc.microsoft.com/update-guide/releaseNote/2025-Aug

1.2 RARLAB WinRAR Path Traversal Vulnerability

Release Date: 8th August 2025 (CVE published; the fix shipped in WinRAR 7.13 on 30th July 2025)
CVE: CVE-2025-8088
CVSS Score: 8.4 (High)
Affected Products: WinRAR for Windows, RAR, UnRAR, UnRAR.dll and the portable UnRAR source, versions prior to 7.13 (the Unix builds and RAR for Android are not affected)
Description: A path traversal vulnerability in WinRAR for Windows allows a crafted archive to place extracted files outside the directory the user chose. In the exploitation observed by ESET, which attributes it to the RomCom group, the archives used NTFS alternate data streams to drop payloads into %TEMP% and the Windows Startup folder so that they run at the next logon; the bug is therefore an arbitrary file write that becomes code execution once a user extracts the archive, not a direct remote exploit. WinRAR has no auto-update mechanism, so 7.13 or later must be installed manually, and archives from untrusted sources should only be opened with a patched build.

Read more: https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5
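The bug class above is an extraction routine that lets the entry name inside the archive decide where the file lands. The following added example, written for this bulletin and not WinRAR's code or the 7.13 fix, shows the confinement check an extractor should apply to every entry name before writing: it refuses absolute, drive and UNC names, parent-directory segments, and NTFS alternate data streams, then re-checks the normalised result against the destination. Windows path rules come from Python's ntpath so it runs on any platform; the function names and the sample entry names are this example's own.

```python
"""Destination-confinement check for archive extraction (added example).

Illustrative code written for this bulletin; it is not WinRAR's code and not
the fix shipped in 7.13. It models the bug class behind CVE-2025-8088: an
archive entry name that steers the written file outside the directory the
user chose. Windows path semantics come from ntpath, so it runs on any OS.
Function and class names are this example's own.
"""
from __future__ import annotations

import ntpath


class UnsafeEntry(ValueError):
    """Raised for an entry name that must not be written anywhere."""


def safe_extract_path(dest_dir: str, entry_name: str) -> str:
    """Return the full target path for entry_name under dest_dir, or raise.

    dest_dir must be an absolute Windows path (e.g. 'C:\\Users\\bob\\Desktop').
    Rejected: absolute, drive-relative and UNC names, '..' segments, and any
    segment containing ':' (an NTFS alternate data stream, which would write
    the entry into a stream of some other file or directory).
    """
    if not entry_name.strip() or entry_name.strip() in (".", ".."):
        raise UnsafeEntry(f"empty or dot-only entry name: {entry_name!r}")

    # Archives usually store '/' as separator; Windows accepts either.
    name = entry_name.replace("/", "\\")
    if name.startswith("\\\\") or ntpath.isabs(name) or ntpath.splitdrive(name)[0]:
        raise UnsafeEntry(f"absolute, drive or UNC path: {entry_name!r}")

    segments = [s for s in name.split("\\") if s not in ("", ".")]
    # Any '..' is refused, even when the net path would stay inside: the
    # conservative choice, since archives have no legitimate need for it.
    if ".." in segments:
        raise UnsafeEntry(f"parent-directory traversal: {entry_name!r}")
    if any(":" in s for s in segments):
        raise UnsafeEntry(f"alternate data stream in segment: {entry_name!r}")

    root = ntpath.normpath(dest_dir)
    # Join the vetted segments only, never the raw name, so a rooted name
    # such as '\\foo' cannot reset the join to the drive root.
    target = ntpath.normpath(ntpath.join(root, *segments))

    # Defence in depth: whatever slipped past the checks above, the final
    # normalised path must still sit at or below the destination directory.
    cmp_root, cmp_target = ntpath.normcase(root), ntpath.normcase(target)
    if cmp_target != cmp_root and not cmp_target.startswith(cmp_root.rstrip("\\") + "\\"):
        raise UnsafeEntry(f"escapes destination after normalisation: {entry_name!r}")
    return target


def triage_entries(dest_dir: str, entry_names: list[str]) -> list[tuple[str, str]]:
    """Classify each entry as 'ok' or with the reason it was refused."""
    results = []
    for name in entry_names:
        try:
            safe_extract_path(dest_dir, name)
            results.append((name, "ok"))
        except UnsafeEntry as exc:
            results.append((name, str(exc)))
    return results


# Constructed entry names, not taken from any real archive.
SAMPLE_ENTRIES = [
    "docs/report.pdf",
    "..\\..\\..\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\updater.exe",
    "report.pdf:payload.exe",
    "C:\\Windows\\System32\\drivers\\etc\\hosts",
    "\\\\fileserver\\share\\x.dll",
    "nested/./sub/ok.txt",
]

if __name__ == "__main__":
    for name, verdict in triage_entries("C:\\Users\\bob\\Desktop", SAMPLE_ENTRIES):
        print(f"{verdict:<60} {name}")
```

The important design point is that the path actually written is rebuilt from the vetted segments rather than taken from the archive: string checks on the raw name can be bypassed by encodings the extractor normalises later, so the final comparison is done on the normalised, case-folded result.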

1.3 Cisco Secure Firewall Management Center (FMC) – RADIUS Remote Code Execution

Release Date: 14th August 2025
CVE: CVE-2025-20265
CVSS Score: 10.0 (Critical)
Affected Products: Cisco Secure FMC 7.0.7 and 7.7.0 with RADIUS authentication enabled for the web-based management interface, SSH management, or both
Description: Improper handling of user input during the RADIUS authentication phase lets an unauthenticated remote attacker inject shell commands that the device executes with high privileges. Exploitation requires FMC to be configured for RADIUS authentication; deployments that authenticate with local accounts, LDAP or SAML SSO are not exposed. Cisco has released fixed software and states that no workarounds address the vulnerability; until the fix is applied, switching management authentication from RADIUS to one of those other methods removes the attack surface.

Read more: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-radius-rce-TNBKf79

1.4 Adobe Patch Tuesday – August 2025

Release Date: 12th August 2025
CVEs: Multiple (identifiers range from CVE-2025-49554 to CVE-2025-54238)
CVSS Score: Up to 9.8 (Critical)
Affected Products: Adobe Photoshop, Illustrator, InDesign, Animate, Adobe Commerce, Substance 3D suite, FrameMaker, Dimension, and InCopy
Description: Adobe released patches for 60 vulnerabilities across 13 products. The flaws are mainly memory-safety and input-validation issues that enable arbitrary code execution, privilege escalation and security feature bypass; Adobe Commerce and Photoshop carry the largest share. None were reported as exploited at release, and Adobe assigned its lower deployment priority ratings, but the Commerce fixes belong on internet-facing e-commerce systems promptly, and the desktop products should be updated through normal patch cycles.

Read more: https://helpx.adobe.com/security/Home.html

1.5 Apache bRPC – Denial-of-Service Vulnerability

Release Date: 12th August 2025
CVE: CVE-2025-54472
CVSS Score: 7.5 (High)
Affected Products: Apache bRPC versions before 1.14.1
Description: The Redis protocol parser in bRPC trusts the length field of an incoming bulk string and attempts to allocate that many bytes, so a single crafted packet carrying a very large integer forces a huge allocation, throws std::bad_alloc and crashes the process. Version 1.14.1 caps the allocation at 64 MB. Only services that expose bRPC's Redis-protocol support are affected; those reachable from the internet or from untrusted networks are most at risk.

Read more: https://lists.apache.org/thread/pvw31sxjj1yz0f8f8lp9m09h70w9hnct
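The failure mode above, a length prefix that is honoured before the payload arrives, is common to every length-prefixed protocol, not just Redis. The following added example, written for this bulletin and not bRPC's parser or its patch, parses a RESP bulk string two ways: an unchecked reservation that requests whatever the header says, beside a bounded parser that refuses anything above a cap before touching memory. The 64 MiB constant mirrors the limit the bulletin attributes to bRPC 1.14.1; the function names and the two packets are this example's own.

```python
"""Bounded parsing of a RESP bulk string (added example).

Illustrative code written for this bulletin; it is not bRPC's Redis parser
and not the 1.14.1 patch. RESP, the Redis wire protocol, encodes a bulk
string as b"$<len>\r\n<len bytes>\r\n". <len> is attacker-controlled, so a
parser that reserves <len> bytes as soon as it reads the header can be made
to request gigabytes from a packet of a dozen bytes. All names are this
example's own.
"""
from __future__ import annotations

MAX_BULK_LEN = 64 * 1024 * 1024   # 64 MiB cap on a single bulk string


class ProtocolError(ValueError):
    """Malformed or oversized RESP data; the caller should drop the connection."""


class NeedMoreData(Exception):
    """Header is well-formed but the payload has not fully arrived yet."""


def parse_bulk_header(buf: bytes) -> tuple[int, int]:
    """Parse b"$<len>\r\n" at the start of buf; return (length, header_size).

    length is -1 for the RESP null bulk string. The digit run is bounded
    before int() is called: Python 3.11+ refuses very long digit strings and
    a C++ parser would silently overflow instead; either way the length
    field is attacker input.
    """
    if not buf.startswith(b"$"):
        raise ProtocolError("expected bulk string marker '$'")
    end = buf.find(b"\r\n", 1)
    if end == -1:
        if len(buf) > 24:            # a header this long is never legitimate
            raise ProtocolError("unterminated length field")
        raise NeedMoreData()
    digits = buf[1:end]
    if digits == b"-1":
        return -1, end + 2
    if not digits.isdigit() or len(digits) > 20:
        raise ProtocolError(f"bad length field {digits!r}")
    return int(digits), end + 2


def unchecked_reserve_size(buf: bytes) -> int:
    """Bytes an unbounded parser would reserve for the payload: the raw length."""
    length, _ = parse_bulk_header(buf)
    return max(length, 0)


def bounded_reserve_size(buf: bytes) -> int:
    """Same, but refuse before any allocation if the length exceeds the cap."""
    length, _ = parse_bulk_header(buf)
    if length > MAX_BULK_LEN:
        raise ProtocolError(f"bulk string of {length} bytes exceeds {MAX_BULK_LEN}")
    return max(length, 0)


def parse_bulk_string(buf: bytes) -> tuple[bytes | None, int]:
    """Return (payload or None, bytes consumed); the cap is enforced first."""
    length, header = parse_bulk_header(buf)
    if length > MAX_BULK_LEN:
        raise ProtocolError(f"bulk string of {length} bytes exceeds {MAX_BULK_LEN}")
    if length == -1:
        return None, header
    needed = header + length + 2
    if len(buf) < needed:
        raise NeedMoreData()          # keep buffering; nothing has been reserved
    if buf[header + length:needed] != b"\r\n":
        raise ProtocolError("bulk string not terminated by CRLF")
    return bytes(buf[header:header + length]), needed


def bounded_parser_rejects(buf: bytes) -> bool:
    """True if the bounded parser refuses buf outright (not merely waits for more)."""
    try:
        parse_bulk_string(buf)
    except ProtocolError:
        return True
    except NeedMoreData:
        return False
    return False


# Constructed packets, not captured traffic.
BENIGN_PACKET = b"$5\r\nhello\r\n"
CRASH_PACKET = b"$4294967295\r\n"    # 13 bytes on the wire, ~4 GiB requested

if __name__ == "__main__":
    print(parse_bulk_string(BENIGN_PACKET))
    print("unchecked parser would reserve", unchecked_reserve_size(CRASH_PACKET), "bytes")
    try:
        bounded_reserve_size(CRASH_PACKET)
    except ProtocolError as exc:
        print("bounded parser:", exc)
```

Note that the cap is checked on the declared length, before buffering or reserving anything, and that a partial payload is distinguished from a malformed one: the bounded parser waits for more bytes on the former and drops the connection on the latter, so an attacker cannot trade one crash for a slow-loris style hold on memory.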

1.6 Google Chrome – High-Severity Vulnerabilities

Release Date: 13th August 2025
CVEs: CVE-2025-8879, CVE-2025-8880, CVE-2025-8901, CVE-2025-8881, CVE-2025-8882
CVSS Score: 8.8 (High) for top three, 6.5 (Medium) for the others
Affected Products: Chrome < 139.0.7258.127/.128
Description: Google patched several vulnerabilities that could allow arbitrary code execution in the renderer or GPU process: CVE-2025-8879 is a heap buffer overflow in libaom, CVE-2025-8880 a race condition in V8 and CVE-2025-8901 an out-of-bounds write in ANGLE (all rated High); CVE-2025-8881 is an inappropriate implementation in the File Picker and CVE-2025-8882 a use-after-free in Aura (both Medium). Google did not report in-the-wild exploitation at release. Users should update Chrome immediately, and enterprises should prioritise deployment; other Chromium-based browsers pick up the same fixes in their next release.

2. Attack Campaigns

2.1 Citrix NetScaler – CVE-2025-6543

Active exploitation has been reported in the Netherlands: NCSC-NL found that the flaw was abused as a zero-day against Dutch organisations, including critical entities, since at least early May 2025, before Citrix published its advisory, and that the attackers erased traces of their activity. CVE-2025-6543 (CVSS 9.2) is a memory overflow in NetScaler ADC and NetScaler Gateway configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server; Citrix describes the impact as unintended control flow and denial of service. Fixed builds are 14.1-47.46, 13.1-59.19 and 13.1-FIPS/NDcPP 13.1-37.236; versions 12.1 and 13.0 are end of life and remain vulnerable. Because exploitation predates the patch, updating alone is not enough: NCSC-NL advises checking devices for signs of compromise, and all active sessions should be terminated after patching.

Read more: https://www.ncsc.nl/actueel/nieuws/2025/07/22/casus-citrix-kwetsbaarheid

2.2 Charon Ransomware – Targeted Attacks in the Middle East

Charon ransomware has been deployed against public sector and aviation organisations in the Middle East. The intrusion chain reported by Trend Micro uses DLL sideloading: a legitimate, signed Edge.exe (a renamed cookie_exporter.exe) loads a malicious msedge.dll (the SWORDLDR loader), which decrypts the ransomware and injects it into svchost.exe. The payload stops backup and security services, deletes shadow copies and encrypts files, and the ransom notes name the victim organisation, confirming targeted rather than opportunistic attacks. Trend Micro notes overlaps with tradecraft previously attributed to the Earth Baxia APT group, so the intrusion should be treated as hands-on-keyboard activity rather than a commodity infection.

Read more: https://www.trendmicro.com/en_us/research/25/h/new-ransomware-charon.html

2.3 FortiSIEM – OS Command Injection Vulnerability

FortiGuard advisory FG-IR-25-152 (CVE-2025-25256, CVSS 9.8) describes an OS command injection in the phMonitor service (TCP port 7900) that lets an unauthenticated attacker execute commands via crafted CLI requests, and Fortinet states that practical exploit code exists in the wild. Affected versions are FortiSIEM 7.3.0 to 7.3.1, 7.2.0 to 7.2.5, 7.1.0 to 7.1.7, 7.0.0 to 7.0.3 and 6.7.0 to 6.7.9, fixed in 7.3.2, 7.2.6, 7.1.8, 7.0.4 and 6.7.10 respectively; 5.4 and older must be migrated to a supported release. Fortinet's interim workaround is to restrict access to the phMonitor port.

Read more: https://fortiguard.fortinet.com/psirt/FG-IR-25-152

3. Security News

3.1 Fortinet SSL VPN Bruteforcer

GreyNoise observed more than 780 unique IP addresses brute-forcing Fortinet SSL VPN logins in a single day (12th August 2025), with targets in Hong Kong, Brazil, Spain, Japan and the U.S. The traffic shared a consistent client fingerprint, indicating a coordinated, tooled campaign rather than background scanning, and part of it later shifted to FortiManager's FGFM service. GreyNoise notes that such spikes have historically preceded disclosure of a new Fortinet vulnerability within about six weeks. Defenders should block the tagged IPs, enforce MFA on the VPN, and review logs for bursts of failed logins from single sources.

Read more: https://viz.greynoise.io/tags/fortinet-ssl-vpn-bruteforcer?days=1
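A perimeter feed tells you who is attacking the internet; your own VPN logs tell you whether they reached you. The following added example, written for this bulletin and not a GreyNoise or Fortinet tool, parses FortiGate-style key=value event logs and flags a source that accumulates many failed SSL VPN logins, or spreads a few attempts across many accounts (a password spray), within a sliding window. The log lines are constructed to resemble FortiGate VPN events (subtype="vpn", action="ssl-login-fail"); the field names, thresholds and function names are assumptions of this example and should be checked against your own log format.

```python
"""Flagging SSL VPN brute force and password spray in FortiGate logs (added example).

Illustrative code written for this bulletin, not a GreyNoise or Fortinet tool.
The log lines are constructed to resemble FortiGate key=value event logs
(subtype="vpn", action="ssl-login-fail"); field names and values are
approximations. Thresholds and function names are this example's own.
"""
from __future__ import annotations

import re
from collections import defaultdict
from datetime import datetime, timedelta

# key=value pairs; values are either bare tokens or double-quoted strings.
KV_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')


def parse_fortigate_line(line: str) -> dict[str, str]:
    """Split a key=value line; quoted values may contain spaces."""
    fields = {}
    for key, raw in KV_RE.findall(line):
        fields[key] = raw[1:-1] if raw.startswith('"') else raw
    return fields


def detect_sslvpn_bruteforce(lines, window=timedelta(minutes=5),
                             max_failures=8, max_users=4) -> list[dict]:
    """One finding per source IP whose failed SSL VPN logins, within any
    window-sized span, reach max_failures or touch max_users distinct accounts.

    Many accounts with few tries each is a password spray; many tries against
    few accounts is classic brute force. Successful logins are ignored here
    but are exactly what to look for next for any flagged source.
    """
    failures = defaultdict(list)      # remip -> [(timestamp, user)]
    for line in lines:
        f = parse_fortigate_line(line)
        if f.get("subtype") != "vpn" or f.get("action") != "ssl-login-fail":
            continue
        ts = datetime.strptime(f"{f['date']} {f['time']}", "%Y-%m-%d %H:%M:%S")
        failures[f["remip"]].append((ts, f.get("user", "")))

    findings = []
    for ip, events in failures.items():
        events.sort()
        best_count = best_users = 0
        for i, (start, _) in enumerate(events):
            users = [u for t, u in events[i:] if t - start <= window]
            best_count = max(best_count, len(users))
            best_users = max(best_users, len(set(users)))
        if best_count >= max_failures or best_users >= max_users:
            findings.append({
                "remip": ip,
                "failures": best_count,
                "distinct_users": best_users,
                "kind": "password-spray" if best_users >= max_users else "brute-force",
            })
    return sorted(findings, key=lambda x: x["failures"], reverse=True)


def _fail_line(time: str, remip: str, user: str) -> str:
    """Build one constructed failed-login event."""
    return (f'date=2025-08-12 time={time} logid="0101039426" type="event" subtype="vpn" '
            f'level="alert" logdesc="SSL VPN login fail" action="ssl-login-fail" '
            f'tunneltype="ssl-web" remip={remip} user="{user}" '
            f'reason="sslvpn_login_permission_denied" msg="SSL user failed to log in"')


# Constructed sample: one source cycling through accounts, one user who
# mistyped a password twice, and one successful login that must be ignored.
SAMPLE_LOG = [
    _fail_line(f"03:14:{s:02d}", "198.51.100.23", u)
    for s, u in zip(range(5, 60, 5),
                    ["admin", "vpn", "test", "guest", "admin", "sales",
                     "admin", "it", "admin", "backup", "admin"])
] + [
    _fail_line("03:20:01", "203.0.113.9", "jsmith"),
    _fail_line("03:41:12", "203.0.113.9", "jsmith"),
    'date=2025-08-12 time=03:22:40 logid="0101039424" type="event" subtype="vpn" '
    'level="information" logdesc="SSL VPN login" action="ssl-login" tunneltype="ssl-web" '
    'remip=192.0.2.7 user="mlee" msg="SSL user logged in"',
]

if __name__ == "__main__":
    for finding in detect_sslvpn_bruteforce(SAMPLE_LOG):
        print(finding)
```

Tune the thresholds to your user base: a small VPN with four distinct accounts failing from one address in five minutes is almost certainly a spray, while a large one may see that from a single NAT gateway after a password rotation, so pair the detector with an allow-list of known egress addresses before alerting.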

3.2 Erlang/OTP SSH Vulnerability (CVE-2025-32433)

The flaw (CVSS 10.0) is in the ssh application of Erlang/OTP: the server processes SSH connection-protocol messages, such as channel open and "exec" requests, before authentication has completed, so an unauthenticated client can run commands with the privileges of the SSH daemon. Affected versions are OTP before 27.3.3, 26.2.5.11 and 25.3.2.20; patches are available in OTP-27.3.3, OTP-26.2.5.11, OTP-25.3.2.20 and later. Unit 42 has observed exploitation attempts since disclosure, a large share of them aimed at OT networks, and the component is embedded in network and telecom products (Cisco has published a list of affected products), so it may be present where nobody runs Erlang directly.

Read more: https://unit42.paloaltonetworks.com/erlang-otp-cve-2025-32433/
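The root cause above is a state-machine check, not a memory bug: connection-protocol messages are only meaningful after authentication, and a server that dispatches them regardless hands an unauthenticated client a shell. The following added example, written for this bulletin and not the Erlang/OTP ssh application or its patch, models a minimal server session with that gate switched off and on, using the message numbers from RFC 4253 and RFC 4254. The credential check, the session class and the two client sequences are constructed stand-ins of this example's own.

```python
"""Gating SSH connection-protocol messages on authentication state (added example).

Illustrative code written for this bulletin; it is not the Erlang/OTP ssh
application and not its patch. Message numbers are from RFC 4253/4254:
50 USERAUTH_REQUEST, 52 USERAUTH_SUCCESS, 90 CHANNEL_OPEN, 98 CHANNEL_REQUEST
(the latter carries 'exec'). Numbers 80-127 belong to the connection protocol
and must not be acted on until authentication has succeeded. The flaw class
behind CVE-2025-32433 is a server that dispatches them regardless. The
credential check is a constructed stand-in; all names are this example's own.
"""
from __future__ import annotations

from dataclasses import dataclass, field

SSH_MSG_SERVICE_REQUEST = 5
SSH_MSG_KEXINIT = 20
SSH_MSG_NEWKEYS = 21
SSH_MSG_USERAUTH_REQUEST = 50
SSH_MSG_CHANNEL_OPEN = 90
SSH_MSG_CHANNEL_REQUEST = 98
CONNECTION_PROTOCOL_MSGS = range(80, 128)     # RFC 4254 message number space
SSH_DISCONNECT_PROTOCOL_ERROR = 2             # RFC 4253 disconnect reason code

DEMO_PASSWORD = "constructed-demo-secret"     # stand-in for a real credential store


@dataclass
class ServerSession:
    """Minimal server-side state for one SSH connection."""
    gate_on_auth: bool                        # False reproduces the flaw class, True the fix
    authenticated: bool = False
    open_channels: set[int] = field(default_factory=set)
    executed: list[str] = field(default_factory=list)
    disconnect_reason: int | None = None

    def feed(self, msg_type: int, **fields) -> None:
        """Dispatch one decoded message from the client."""
        if self.disconnect_reason is not None:
            return                                        # connection already torn down
        if (self.gate_on_auth and msg_type in CONNECTION_PROTOCOL_MSGS
                and not self.authenticated):
            # The fix: connection-protocol traffic before USERAUTH_SUCCESS is a
            # protocol error, answered with SSH_MSG_DISCONNECT and nothing else.
            self.disconnect_reason = SSH_DISCONNECT_PROTOCOL_ERROR
            return
        if msg_type in (SSH_MSG_KEXINIT, SSH_MSG_NEWKEYS, SSH_MSG_SERVICE_REQUEST):
            return                                        # key exchange details omitted
        if msg_type == SSH_MSG_USERAUTH_REQUEST:
            if fields.get("password") == DEMO_PASSWORD:
                self.authenticated = True                 # server would now send USERAUTH_SUCCESS
            return
        if msg_type == SSH_MSG_CHANNEL_OPEN:
            self.open_channels.add(fields["channel"])
        elif msg_type == SSH_MSG_CHANNEL_REQUEST:
            if fields["channel"] in self.open_channels and fields.get("request") == "exec":
                self.executed.append(fields["command"])   # stand-in for spawning a shell


def pre_auth_exec_attempt(gate_on_auth: bool) -> ServerSession:
    """Client skips authentication entirely and goes straight to 'exec'."""
    s = ServerSession(gate_on_auth)
    s.feed(SSH_MSG_KEXINIT)
    s.feed(SSH_MSG_NEWKEYS)
    s.feed(SSH_MSG_SERVICE_REQUEST, service="ssh-userauth")
    s.feed(SSH_MSG_CHANNEL_OPEN, channel=0, channel_type="session")
    s.feed(SSH_MSG_CHANNEL_REQUEST, channel=0, request="exec", command="id")
    return s


def authenticated_exec(gate_on_auth: bool, password: str = DEMO_PASSWORD) -> ServerSession:
    """Well-behaved client: authenticate, then open a channel and run a command."""
    s = ServerSession(gate_on_auth)
    s.feed(SSH_MSG_KEXINIT)
    s.feed(SSH_MSG_NEWKEYS)
    s.feed(SSH_MSG_SERVICE_REQUEST, service="ssh-userauth")
    s.feed(SSH_MSG_USERAUTH_REQUEST, user="ops", method="password", password=password)
    s.feed(SSH_MSG_CHANNEL_OPEN, channel=0, channel_type="session")
    s.feed(SSH_MSG_CHANNEL_REQUEST, channel=0, request="exec", command="id")
    return s


if __name__ == "__main__":
    print("ungated server, no auth:", pre_auth_exec_attempt(False).executed)
    print("gated server, no auth:  ", pre_auth_exec_attempt(True).executed)
    print("gated server, auth ok:  ", authenticated_exec(True).executed)
```

The check is placed once, at the dispatch boundary and keyed on the message-number range rather than on individual message types, so a new connection-protocol message cannot be added later without inheriting the gate; that is the pattern to look for when auditing any custom SSH, TLS or similar server for pre-authentication reachability.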

Conclusion & Recommendations

This week’s bulletin highlights the urgency for organizations to:

  1. Apply patches promptly for Microsoft, Adobe, Cisco, Chrome, WinRAR, bRPC and other critical products, and complete the follow-up steps where a patch alone is not enough (the Exchange hybrid app migration for CVE-2025-53786, session termination and compromise checks on NetScaler).
  2. Monitor systems for indicators of compromise, particularly for Citrix NetScaler, FortiSIEM and Charon ransomware activity, and hunt for failed-login bursts against SSL VPNs.
  3. Review configurations and access controls, especially for SSL VPNs, SSH services, and management interfaces that rely on RADIUS or other external authentication.
  4. Educate staff about phishing and targeted attacks, including malicious archives delivered by email, to mitigate social engineering risks.

Staying proactive and informed is crucial as attackers continue to exploit high-severity vulnerabilities globally.

For industry-specific cyber threat consultation, assessments, compliance and solutions in UAE & GCC countries, contact our Cyber Threat Management team at Crowe UAE, +971 55 343 8693, [email protected]