Rhadamanthys Stealer – Active IOCs
July 18, 2025CVE-2025-7673 – Zyxel VMG8825-T50K Firmware Vulnerability
July 18, 2025Rhadamanthys Stealer – Active IOCs
July 18, 2025CVE-2025-7673 – Zyxel VMG8825-T50K Firmware Vulnerability
July 18, 2025Severity
High
Analysis Summary
CVE-2025-48822 CVSS:8.6
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVE-2025-47980 CVSS:6.2
Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
CVE-2025-49735 CVSS:8.1
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
CVE-2025-49661 CVSS:7.8
Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2025-48820 CVSS:7.8
Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.
CVE-2025-48000 CVSS:7.8
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
CVE-2025-49724 CVSS:8.8
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.
CVE-2025-48823 CVSS:5.9
Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.
CVE-2025-47985 CVSS:7.8
Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
CVE-2025-49660 CVSS:7.8
Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
Impact
- Information Disclosure
- Code Execution
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2025-48822
CVE-2025-47980
CVE-2025-49735
CVE-2025-49661
CVE-2025-48820
CVE-2025-48000
CVE-2025-49724
CVE-2025-48823
CVE-2025-47985
CVE-2025-49660
Affected Vendors
- Microsoft
Affected Products
- Microsoft Windows Server 2019
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft Windows 10 Version 1607 for 32-bit Systems
- Microsoft Windows 10 Version 1607 for x64-based Systems
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server (Server Core installation) 2016
- Microsoft Windows Server 2022
- Microsoft Windows Server 2022 23H2
- Microsoft Windows Server 2019 (Server Core installation)
- Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2
- Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Microsoft Windows Server 2008 for x64-based Systems Service Pack 2
- Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Microsoft Windows Server 2012 (Server Core installation)
- Microsoft Windows Server 2012 R2 (Server Core installation)
- Microsoft Windows Server 2016 (Server Core installation)
- Microsoft Windows Server 2025
- Microsoft Windows 11 Version 24H2 for x64-based Systems
- Microsoft Windows 11 Version 24H2 for ARM64-based Systems
- Microsoft Windows 11 Version 23H2 for x64-based Systems
- Microsoft Windows 11 Version 23H2 for ARM64-based Systems
- Microsoft Windows Server 2025 (Server Core installation)
- Microsoft Windows 10 Version 22H2 for x64-based Systems
- Microsoft Windows 11 Version 22H2 for x64-based Systems
- Microsoft Windows 11 Version 22H2 for ARM64-based Systems
- Microsoft Windows 10 Version 21H2 for x64-based Systems
- Microsoft Windows 10 Version 22H2 for 32-bit Systems
- Microsoft Windows 10 Version 22H2 for ARM64-based Systems
- Microsoft Windows 10 Version 21H2 for ARM64-based Systems
- Microsoft Windows 10 Version 21H2 for 32-bit Systems
- Microsoft Windows Server 2022 23H2 Edition (Server Core installation)
Remediation
Refer to Microsoft Windows Website for patch, upgrade, or suggested workaround information.