Top Reported Known Exploitable Issues:
Here is the complete list of vulnerabilities for this month that we’ve updated within our platform, to be treated as a priority:
CVE-2025-20265 | Cisco
Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems. The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation and could permit an unauthenticated, remote attacker to inject arbitrary shell commands that are then executed by the device.
CVE-2022-40799 | D-Link
Data Integrity Failure in ‘Backup Config’ in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS-level commands on the device.
CVE-2020-25078 | D-Link
An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure.
CVE-2024-26009 | Fortinet
Fortinet has released a security advisory to address a high-severity vulnerability affecting the FGFM (FortiGate to FortiManager) protocol in FortiOS (FortiGate), FortiPAM, FortiProxy, and FortiSwitchManager. Devices are only vulnerable if managed by a FortiManager.
CVE-2024-26009: Weak Authentication in the FGFM Protocol (CVSSv3 score: 7.9).
Affected organisations are encouraged to review the Fortinet PSIRT advisory FG-IR-24-042 and apply the relevant updates as soon as possible.
CVE-2025-8088 | WinRAR
The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day vulnerability. Tracked as CVE-2025-8088 (CVSS score: 8.8), the issue has been described as a case of path traversal affecting the Windows version of the tool that could be exploited to obtain arbitrary code execution by crafting malicious archive files. “When extracting a file, previous versions of WinRAR, Windows versions of RAR, UnRAR, portable UnRAR source code and UnRAR.dll can be tricked into using a path, defined in a specially crafted archive, instead of a specified path,” WinRAR said in an advisory.
CVE-2025-53786 | Microsoft Exchange hybrid deployment
Microsoft has released an advisory for a high-severity security flaw affecting on-premises versions of Exchange Server that could allow an attacker to gain elevated privileges under certain conditions. The vulnerability, tracked as CVE-2025-53786, carries a CVSS score of 8.0. Dirk-jan Mollema of Outsider Security has been acknowledged for reporting the bug. “In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization’s connected cloud environment without leaving easily detectable and auditable traces,” the tech giant said in the alert.
CVE-2025-54948 | Trend Micro Apex One
A vulnerability in the Trend Micro Apex One (on-premises) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
CVE-2025-54987 | Trend Micro
A vulnerability in the Trend Micro Apex One (on-premises) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture.
CVE-2025-52914 | Mitel MiCollab
The high-severity vulnerability CVE-2025-52914 affects MiCollab and is a SQL injection vulnerability with a CVSSv3 score of 8.8. Successful exploitation could allow an authenticated attacker to gain unauthorised access to provisioning information and execute arbitrary SQL database commands.
CVE-2025-6543 | Citrix
CVE-2025-6543 (CVSS score: 9.2) is a critical security vulnerability in NetScaler ADC that results in unintended control flow and denial of service (DoS) when the devices are configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server.
CVE-2025-8875 | N-able
N-able has released a critical security update for N-central, a remote monitoring and management (RMM) platform used to manage, secure, and automate IT environments. The update addresses two vulnerabilities, CVE-2025-8875 and CVE-2025-8876, both of which can be exploited by an authenticated attacker. The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-8875 and CVE-2025-8876 to its Known Exploited Vulnerabilities Catalog with the following descriptions:
CVE-2025-8875: N-able N-central Insecure Deserialization Vulnerability
CVE-2025-8876: N-able N-central Command Injection Vulnerability