Here are the CVE updates for the week of August 25th through 31st.
🔴 Critical Severity Vulnerabilities
Citrix NetScaler Memory Overflow Vulnerability (CISA KEV) | CVE-2025-7775
Description:
A memory overflow vulnerability has been identified in NetScaler ADC and NetScaler Gateway. It can lead to Remote Code Execution (RCE) and/or Denial of Service (DoS). This issue affects deployments configured as VPN virtual server, ICA Proxy, CVPN, RDP Proxy, AAA virtual server, Load Balancing virtual servers of type HTTP, SSL, or HTTP_QUIC bound with IPv6 or DBS IPv6 services, and Content Routing virtual servers of type HDX. Because it is remotely exploitable without authentication, a successful attack may result in arbitrary code execution with system-level privileges or complete service disruption. Furthermore, organizations relying heavily on NetScaler services may face cascading failures across multiple critical functions.
Potential Impacts:
- Remote Code Execution: Attackers may gain full control of the device, execute arbitrary commands, or implant persistent malware.
- Denial of Service: Exploitation can crash or destabilize NetScaler services, disrupting VPN, load balancing, or authentication.
- Credential & Session Theft: Attackers could intercept user traffic passing through compromised appliances.
- Lateral Movement: Compromised appliances may be used to pivot deeper into the internal network.
Mitigation Recommendations:
- Patch Immediately: Apply Citrix security updates addressing CVE-2025-7775.
- Restrict Exposure: Limit access to NetScaler appliances, especially Gateway and AAA services, to trusted networks or VPNs.
- Enable Logging & Monitoring: Actively monitor for unusual crashes, high memory usage, or suspicious administrative actions.
- Segment Critical Infrastructure: Isolate NetScaler appliances from core systems to minimize impact.
- Apply Security Hardening: Disable unused services and enforce strong authentication.
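To triage which appliances fall under the affected configurations listed in the description, the following added example (not Citrix's or the page's own code) scans an `ns.conf` export for Gateway/AAA virtual servers, CR virtual servers of type HDX, and HTTP/SSL/HTTP_QUIC load-balancing virtual servers bound to a service or service group with an IPv6 member. The sample configuration and all object names are constructed, and DBS (domain-based) IPv6 services are assumed out of scope for this sketch.

```python
import ipaddress
# Constructed ns.conf excerpt: object names and addresses are made up.
SAMPLE_NS_CONF = """\
add server srv_v4 10.0.0.10
add server srv_v6 2001:db8::10
add service svc_web4 srv_v4 HTTP 80
add serviceGroup sg_app SSL
bind serviceGroup sg_app srv_v6 443
add lb vserver lb_intranet HTTP 10.0.0.100 80
add lb vserver lb_portal SSL 10.0.0.101 443
bind lb vserver lb_intranet svc_web4
bind lb vserver lb_portal sg_app
add vpn vserver gw_external SSL 203.0.113.5 443
add cr vserver cr_hdx HDX 10.0.0.110 443
"""
LB_TYPES = {"HTTP", "SSL", "HTTP_QUIC"}

def is_ipv6(value):
    try:
        return ipaddress.ip_address(value).version == 6
    except ValueError:
        return False

def affected_vservers(conf):
    """Return {vserver name: reason} for configurations the advisory lists."""
    servers, v6_backends, lb_type, lb_binds, hits = {}, set(), {}, [], {}
    for line in conf.splitlines():
        t = line.split()
        if len(t) < 4:
            continue
        verb, obj = t[0].lower(), t[1].lower()
        if (verb, obj) == ("add", "server"):
            servers[t[2]] = t[3]
        elif (verb, obj) in (("add", "service"), ("bind", "servicegroup")):
            if is_ipv6(servers.get(t[3], t[3])):  # server name or literal address
                v6_backends.add(t[2])
        elif verb == "add" and obj in ("vpn", "authentication") and t[2].lower() == "vserver":
            hits[t[3]] = "Gateway/AAA virtual server"
        elif (verb, obj, t[2].lower()) == ("add", "cr", "vserver") and "HDX" in t[4:5]:
            hits[t[3]] = "CR virtual server of type HDX"
        elif (obj, t[2].lower()) == ("lb", "vserver") and len(t) > 4:
            if verb == "add":
                lb_type[t[3]] = t[4].upper()
            elif verb == "bind":
                lb_binds.append((t[3], t[4]))
    for vs, backend in lb_binds:
        if lb_type.get(vs) in LB_TYPES and backend in v6_backends:
            hits[vs] = "LB virtual server bound to an IPv6 service"
    return hits
```

An empty result only means none of the checked patterns matched; the build number still has to be compared against Citrix's fixed releases.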
Out-of-Bounds Read in Apple macOS | CVE-2025-43284
Description:
An out-of-bounds read vulnerability exists in Apple macOS. A malicious application may exploit this flaw to trigger unexpected system termination, which causes denial-of-service conditions. The issue affects macOS Sonoma prior to 14.7.7, Ventura prior to 13.7.7, and Sequoia prior to 15.6. However, Apple has resolved the problem through improved bounds checking, and therefore applying the update is essential.
Potential Impacts:
- System Crash: Unexpected termination of macOS processes or the OS itself.
- Denial of Service (DoS): Interruption of normal system availability.
- Attack Chaining: Could serve as a precursor when combined with other vulnerabilities.
Mitigation Recommendations:
- Update macOS: Install Sonoma 14.7.7, Ventura 13.7.7, or Sequoia 15.6.
- Application Control: Restrict installation and execution of untrusted apps.
- System Monitoring: Continuously monitor for abnormal system crashes.
Stack-Based Buffer Overflow in Sunway ForceControl NetDBServer Service | CVE-2011-10032
Description:
A stack-based buffer overflow vulnerability exists in Sunway ForceControl version 6.1 SP3 and earlier, specifically within the SNMP NetDBServer service (TCP port 2001). The flaw is triggered when the service processes an opcode 0x57 packet with an excessively long payload. Because of insufficient bounds checking, attacker-controlled data can overwrite the Structured Exception Handler (SEH). Consequently, this permits arbitrary code execution in the service context. In addition, because the vulnerability is remotely exploitable without authentication, it significantly elevates the overall risk of compromise.
Potential Impacts:
- Remote Code Execution (RCE): Attackers gain execution with service-level privileges.
- System Compromise: Exploitation can lead to total control of the affected system.
- Service Disruption: Crafted payloads may crash NetDBServer, causing denial of service.
- Persistence: Attackers could implant backdoors or malware for long-term access.
Mitigation Recommendations:
- Update Software: Upgrade to a patched version of Sunway ForceControl.
- Restrict Access: Block or restrict TCP port 2001 from untrusted networks.
- Apply Network Segmentation: Isolate vulnerable services behind firewalls.
- Intrusion Detection: Monitor for anomalous SNMP traffic targeting opcode 0x57.
- Vendor Guidance: Follow Sunway’s advisories for official fixes.
🟠 High Severity Vulnerabilities
Git Link Following Vulnerability (CISA KEV) | CVE-2010-20120: In Maple versions ≤ 13, malicious .maplet files can bypass security restrictions and execute arbitrary commands once opened. Unlike regular worksheets, these files ignore execution limits. Therefore, attackers can trigger code execution without user consent.
Arbitrary File Reading in QbiCRMGateway | CVE-2025-9639: A path traversal flaw allows unauthenticated attackers to download sensitive system files. Exploitation could expose configuration data, credentials, or OS-level files. Consequently, attackers may escalate attacks and leverage stolen information to compromise additional services.
Privilege Escalation in NAVER MYBOX Explorer for Windows | CVE-2025-58323: Versions prior to 3.0.8.133 fail to enforce privilege checks. As a result, local attackers can execute arbitrary files with NT AUTHORITY\SYSTEM, gaining full device control.
Remote Code Execution in XAMPP 1.7.3 WebDAV | CVE-2012-10062: The default /webdav/ service accepts PUT requests with default credentials. Therefore, attackers can upload malicious PHP files and trigger them remotely, achieving RCE.
SQL Injection in IBM watsonx Orchestrate Cartridge | CVE-2025-0165: Improper SQL query handling enables attackers to inject malicious statements. Thus, they may read, alter, or delete data in the back-end database, causing breaches or integrity loss.
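For the XAMPP WebDAV entry above (CVE-2012-10062), the pattern to hunt for in web server logs is a successful PUT of a PHP file under /webdav/ followed by a successful request for the same path. The following is an added detection example, not code from the original page; it assumes Apache combined-format access logs, and the sample lines, addresses and user name are constructed.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed Apache combined-format log lines; addresses, user and paths are made up.
SAMPLE_LOG = """\
198.51.100.7 - davuser [27/Aug/2025:10:01:02 +0000] "PUT /webdav/notes.txt HTTP/1.1" 201 - "-" "dav-client"
198.51.100.7 - davuser [27/Aug/2025:10:01:09 +0000] "PUT /webdav/info.PHP HTTP/1.1" 201 - "-" "dav-client"
203.0.113.9 - - [27/Aug/2025:10:01:15 +0000] "GET /webdav/info.php?x=1 HTTP/1.1" 200 512 "-" "curl/8.0"
198.51.100.7 - - [27/Aug/2025:10:02:00 +0000] "PUT /webdav/test.php HTTP/1.1" 401 - "-" "dav-client"
192.0.2.44 - - [27/Aug/2025:10:03:00 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

LINE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)$")

def webdav_script_uploads(log_text):
    """Return (event, client, user, path) tuples for script uploads and later hits."""
    uploaded, findings = set(), []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        client, user, method, target, status = m.groups()
        # Drop the query string, decode percent-escapes and fold case before matching.
        path = unquote(urlsplit(target).path).lower()
        if not path.startswith("/webdav/") or not status.startswith("2"):
            continue
        if method == "PUT" and SCRIPT_EXT.search(path):
            uploaded.add(path)
            findings.append(("upload", client, user, path))
        elif method in ("GET", "POST") and path in uploaded:
            findings.append(("executed", client, user, path))
    return findings
```

Rejected attempts (the 401 line in the sample) are deliberately not reported here; counting them per client is a reasonable extension for spotting credential guessing against the share.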
🟡 Medium Severity Vulnerabilities
Citrix Session Recording Improper Privilege Management (CISA KEV) | CVE-2010-20120: In older versions of Maple up to 13, .maplet files bypass restrictions and execute code when opened. Moreover, because users only need to open the file for exploitation, the attack surface becomes broader.
Citrix Session Recording Deserialization of Untrusted Data (CISA KEV) | CVE-2024-8069: Citrix Session Recording improperly deserializes untrusted data, enabling limited RCE under the NetworkService account. While attackers must already be authenticated within the intranet, the flaw still enables insider threats and lateral movement.