Are You Aware of These Critical Security Flaws Exploited in 2025?

Article Highlights
Off On

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken a crucial step in adding five critical security flaws affecting software from major companies such as Cisco, Hitachi Vantara, Microsoft, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog due to clear evidence of active exploitation. These vulnerabilities range from command injection and authorization bypass flaws to improper resource shutdown and path traversal threats, posing significant risks to systems worldwide.

Notable Vulnerabilities Identified

Router Vulnerabilities in Cisco’s Small Business RV Series

One of the identified security flaws, CVE-2023-20118, presents a particularly concerning threat, impacting Cisco Small Business RV Series routers with a CVSS score of 6.5. This flaw allows authenticated, remote attackers to gain root-level access, which they can exploit to take complete control over the affected systems. Unfortunately, remediation for this vulnerability remains elusive as these routers have already reached their end-of-life status. The lack of updates means affected users are left vulnerable to potential exploits, highlighting the importance of timely hardware and software updates in maintaining cybersecurity.

Flaws in Hitachi Vantara Pentaho BA Server

Another critical flaw is CVE-2022-43939 and CVE-2022-43769, which impact Hitachi Vantara Pentaho BA Server. The former flaw compromises security by allowing unauthorized access through non-canonical URL paths. This issue enables attackers to bypass normal security checks and gain access to restricted areas of the software. The latter vulnerability permits arbitrary command execution via Spring template injection, creating opportunities for attackers to execute harmful commands on the targeted system. Both issues have been addressed with fixes released in August 2024, with the updated versions being 9.3.0.2 and 9.4.0.1, respectively. These updates underscore the necessity for organizations to promptly apply security patches to mitigate potential exploitation risks.

Microsoft’s Windows Win32k and Progress WhatsUp Gold

Microsoft’s Windows Win32k vulnerability, CVE-2018-8639, is another critical flaw that has come under scrutiny. This vulnerability allows for privilege escalation and arbitrary code execution in kernel mode. Addressed back in December 2018, the flaw’s enduring relevance signifies the long-term impacts that unresolved vulnerabilities can have on system security. If successfully exploited, attackers could execute malicious code with high-level privileges, causing significant disruption and potential data breaches.

Similarly, Progress WhatsUp Gold faces its own threat with the CVE-2024-4885 flaw, which carries a staggering CVSS score of 9.8. This vulnerability permits unauthenticated remote code execution, granting attackers unprecedented access to the affected systems. The issue was resolved in version 2023.1.3, rolled out in June 2024. These high-severity vulnerabilities accentuate the critical need for organizations to stay vigilant and up to date with security advisories, ensuring their systems are shielded from emerging threats.

Exploitation Instances and Mitigation

Instances of Exploitation and Botnet Infiltration

Available data on exploitation shows a combination of limited reports and notable cases of weaponization. For instance, CVE-2023-20118 saw exploitation as threat actors integrated the affected routers into the PolarEdge botnet. This development is a stark reminder of the sophisticated methods attackers use to compromise systems and leverage them for widespread disruptions. The PolarEdge botnet illustrates how vulnerabilities in seemingly routine devices can be exploited for more extensive malicious activities, causing significant harm to targeted networks.

Moreover, CVE-2024-4885 has been targeted by up to eight IP addresses from different countries, emphasizing the global nature of cybersecurity threats. This widespread targeting indicates a coordinated effort by cybercriminals to exploit known vulnerabilities, overcome security barriers, and infiltrate networks across the globe. Additionally, the CVE-2018-8639 vulnerability had been utilized by a Chinese group named Dalbit for privilege escalation in South Korea. These diverse exploitation tactics highlight the international and multi-faceted dimensions of cybersecurity threats faced by organizations today.

Response from Federal Agencies and Future Considerations

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has made a significant move by adding five critical security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These flaws impact software from major tech companies such as Cisco, Hitachi Vantara, Microsoft, and Progress WhatsUp Gold. The inclusion of these vulnerabilities is due to clear evidence of their active exploitation in the wild, posing substantial risks to systems globally. The types of vulnerabilities addressed include command injection, authorization bypass, improper resource shutdown, and path traversal threats. These security issues can potentially allow attackers to execute arbitrary commands, bypass security controls, improperly manage hardware resources, and exploit path traversal flaws to access sensitive files. By highlighting these vulnerabilities, CISA aims to prompt rapid action among organizations to patch these weaknesses and fortify their defenses, ensuring the ongoing security and stability of critical infrastructure and software systems worldwide.

Explore more

How Does AWS Outage Reveal Global Cloud Reliance Risks?

The recent Amazon Web Services (AWS) outage in the US-East-1 region sent shockwaves through the digital landscape, disrupting thousands of websites and applications across the globe for several hours and exposing the fragility of an interconnected world overly reliant on a handful of cloud providers. With billions of dollars in potential losses at stake, the event has ignited a pressing

Qualcomm Acquires Arduino to Boost AI and IoT Innovation

In a tech landscape where innovation is often driven by the smallest players, consider the impact of a community of over 33 million developers tinkering with programmable circuit boards to create everything from simple gadgets to complex robotics. This is the world of Arduino, an Italian open-source hardware and software company, which has now caught the eye of Qualcomm, a

AI Data Pollution Threatens Corporate Analytics Dashboards

Market Snapshot: The Growing Threat to Business Intelligence In the fast-paced corporate landscape of 2025, analytics dashboards stand as indispensable tools for decision-makers, yet a staggering challenge looms large with AI-driven data pollution threatening their reliability. Reports circulating among industry insiders suggest that over 60% of enterprises have encountered degraded data quality in their systems, a statistic that underscores the

How Does Ghost Tapping Threaten Your Digital Wallet?

In an era where contactless payments have become a cornerstone of daily transactions, a sinister scam known as ghost tapping is emerging as a significant threat to financial security, exploiting the very technology—near-field communication (NFC)—that makes tap-to-pay systems so convenient. This fraudulent practice turns a seamless experience into a potential nightmare for unsuspecting users. Criminals wielding portable wireless readers can

Bajaj Life Unveils Revamped App for Seamless Insurance Management

In a fast-paced world where every second counts, managing life insurance often feels like a daunting task buried under endless paperwork and confusing processes. Imagine a busy professional missing a premium payment due to a forgotten deadline, or a young parent struggling to track multiple policies across scattered documents. These are real challenges faced by millions in India, where the