Here are the CVE updates for the week of November 17th through the 23rd.
🔴 Critical Severity Vulnerabilities
Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability (CISA KEV) | CVE-2025-61757
Description:
A critical vulnerability exists in the Identity Manager component of Oracle Fusion Middleware (REST WebServices) affecting versions 12.2.1.4.0 and 14.1.2.1.0. Because this flaw is easily exploitable, an unauthenticated attacker with network access via HTTP can fully compromise Identity Manager.
Potential Impacts:
- Full Application Takeover: Attackers can gain complete control over Oracle Identity Manager without needing authentication.
- Unauthorized Account Manipulation: They can create, modify, or delete identities, roles, and permissions.
- Privilege Escalation Across Connected Systems: Attackers may pivot into integrated applications like ERP, HR, IAM, and cloud services.
- Sensitive Data Exposure: Personally Identifiable Information (PII), credentials, and identity metadata might be accessed or altered.
- Workflow & Service Disruption: Corrupted identity workflows could cause authentication failures and downtime across dependent systems.
Mitigation Recommendations:
- Apply vendor patches immediately for versions 12.2.1.4.0 and 14.1.2.1.0.
- Restrict REST WebServices endpoints to internal access only; avoid internet exposure.
- Enforce strong access controls using API gateways, WAF rules, and strict authorization policies.
- Monitor logs closely for unusual REST API calls, identity changes, and authentication anomalies.
- Segment Identity Manager servers from critical systems to reduce lateral movement risks.
- Require Multi-Factor Authentication (MFA) and apply least privilege principles for administrative access.
Microsoft SharePoint Online Elevation of Privilege Vulnerability | CVE-2025-59245
Description:
This privilege escalation vulnerability in Microsoft SharePoint Online allows authorized attackers to elevate their privileges beyond intended scopes. Consequently, attackers with limited access rights can gain higher permissions, potentially compromising SharePoint’s confidentiality, integrity, and availability.
Potential Impacts:
- Unauthorized Privilege Escalation: Attackers can obtain elevated permissions beyond authorized scopes.
- Access to Sensitive Data: Confidential documents, files, and organizational information might be exposed.
- Modification or Deletion of Content: SharePoint data and configurations can be altered or deleted.
- Disruption of Collaboration: Workflows and team productivity could be impacted.
- Lateral Movement Risk: Compromise might extend to other Microsoft 365 services connected to SharePoint.
Mitigation Recommendations:
- Apply security patches and updates to SharePoint Online promptly.
- Restrict administrative access to trusted users and networks.
- Implement role-based access control (RBAC) and least privilege principles.
- Monitor and audit access logs for unusual privilege escalations.
- Enable MFA for all users, especially those with elevated permissions.
Quark Cloud Drive DLL Hijacking Vulnerability | CVE-2025-63685
Description:
Quark Cloud Drive version 3.23.2 suffers from a DLL hijacking vulnerability due to insecure loading of system libraries. Specifically, the application fails to validate the path or signature of the regsvr32.exe executable it loads. Therefore, attackers can place malicious DLLs in the startup directory, which the program loads and executes upon launch.
Potential Impacts:
- Remote code execution under the privileges of the user running the application.
- Complete application compromise through malicious DLLs.
- Persistence of attackers on the affected system.
- Data theft or manipulation involving user data handled by the application.
- Potential lateral movement depending on user privileges.
Mitigation Recommendations:
- Update to the patched version of Quark Cloud Drive once available.
- Validate that system libraries and executables load only from trusted locations.
- Restrict write permissions to application directories to trusted users.
- Use endpoint protection tools to detect and block unauthorized DLL injections.
- Educate users about risks of running software from untrusted sources or opening unexpected files.
🟠 High Severity Vulnerabilities
Fortinet FortiWeb OS Command Injection Vulnerability (CISA KEV) | CVE-2025-58034: Multiple versions of Fortinet FortiWeb are vulnerable to OS Command Injection, allowing authenticated attackers to execute unauthorized code through crafted HTTP requests or CLI commands.
Google Chromium V8 Type Confusion Vulnerability (CISA KEV) | CVE-2025-13223: A type confusion flaw in the V8 JavaScript engine affects Google Chrome versions before 142.0.7444.175. Attackers can exploit this by convincing users to open a crafted HTML page, potentially causing heap corruption.
Apple Kernel Out-of-Bounds Read Vulnerability | CVE-2025-43374: Multiple Apple operating systems have a kernel-level out-of-bounds read vulnerability, which allows attackers physically near the device to read unauthorized kernel memory. Apple has released fixes in recent security updates.
Vault Terraform Provider LDAP Authentication Bypass Vulnerability | CVE-2025-13357: Vault’s Terraform Provider set the deny_null_bind parameter to false by default for LDAP authentication. This misconfiguration lets anonymous LDAP binds through, possibly bypassing authentication. The issue is fixed in version 5.5.0.
Scott Paterson Subscriptions & Memberships for PayPal Missing Authorization Vulnerability | CVE-2025-66107: Plugin versions up to 1.1.7 lack authorization checks, so attackers can access or manipulate restricted functions or data because security levels are improperly configured.
🟡 Medium Severity Vulnerabilities
IBM Concert Software Clickjacking Vulnerability | CVE-2025-36149: IBM Concert Software versions 1.0.0 through 2.0.0 do not properly implement frame-busting or UI protection headers. Consequently, attackers can embed the app’s interface in malicious pages to hijack user clicks and trigger unintended operations.
ThemeAtelier Chat Help Missing Authorization Vulnerability | CVE-2025-66099: ThemeAtelier Chat Help plugin versions up to 3.1.3 contain a missing authorization vulnerability. Attackers can exploit improperly configured access controls to manipulate chat functions or data without proper permissions.
Uncontrolled Resource Consumption Vulnerability in userlog-index.php | CVE-2025-55128: An attacker with admin interface access can request arbitrarily large numbers of items per page, overwhelming the system and causing denial of service (DoS).