September 26, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Bitter APT – Active IOCs
September 25, 2025
Cisco IOS/XE Flaw Enables Remote Auth Bypass and Data Theft
September 25, 2025
Bitter APT – Active IOCs
September 25, 2025
Cisco IOS/XE Flaw Enables Remote Auth Bypass and Data Theft
September 25, 2025
Severity
Medium
Analysis Summary
CVE-2025-54097 CVSS:6.5
Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by out-of-bounds read in Routing and Remote Access Service (RRAS).
CVE-2025-54095 CVSS:6.5
Microsoft Windows could allow a remote attacker to obtain sensitive information, caused by out-of-bounds read in Routing and Remote Access Service (RRAS).
CVE-2025-54109 CVSS:6.7
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by access of resource using incompatible type ('type confusion') in Defender Firewall Service.
CVE-2025-53810 CVSS:6.7
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by access of resource using incompatible type ('type confusion') in Defender Firewall Service.
CVE-2025-54111 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by use-after-free in UI XAML Phone DatePickerFlyout.
CVE-2025-54917 CVSS:4.3
Microsoft Windows could allow a remote attacker to bypass security restrictions, caused by protection mechanism failure in MapUrlToZone.
CVE-2025-54919 CVSS:7.5
Microsoft Windows could allow a local authenticated attacker to execute arbitrary code on the system, caused by concurrent execution using shared resource with improper synchronization ('race condition') in Win32K - GRFX.
Impact
- Code Execution
- Security Bypass
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-54097
CVE-2025-54095
CVE-2025-54109
CVE-2025-53810
CVE-2025-54111
CVE-2025-54917
CVE-2025-54919
Affected Vendors
- Microsoft
Affected Products
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server 2022
- Microsoft Windows Server 2019 (Server Core installation)
- Microsoft Windows Server 2012 (Server Core installation)
- Microsoft Windows Server 2012 R2 (Server Core installation)
- Microsoft Windows Server 2016 (Server Core installation)
- Microsoft Windows 10 Version 1507
- Microsoft Windows 11 version 22H2
- Microsoft Windows 10 Version 1809
- Microsoft Windows 11 version 22H3
- Microsoft Windows 11 Version 23H2
- Microsoft Windows Server 2022 - 23H2 Edition (Server Core installation)
- Microsoft Windows 10 Version 21H2
- Microsoft Windows 10 Version 22H2
- Microsoft Windows 10 Version 1607
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.