August Vulnerabilities of Note
Sept. 15, 2025, 10:09 p.m.
Description
In August 2025, eighteen high-impact vulnerabilities were identified for prioritized remediation, down from 22 in July. The month saw a focus on Citrix and D-Link flaws, with active exploitation of Citrix NetScaler products and D-Link routers. OS Command Injection was the most common weakness. One vulnerability was linked to a malware campaign by the Russia-linked group RomCom. Six vulnerabilities allowed remote code execution, affecting WinRAR, Citrix, FreePBX, and Microsoft products. Notable exploits included a critical Citrix NetScaler flaw (CVE-2025-7775) and a WinRAR vulnerability (CVE-2025-8088) used by RomCom to deliver malware. Other significant vulnerabilities affected N-able N-central, Cisco Secure FMC, and Fortinet FortiSIEM.
Tags
Date
- Created: Sept. 15, 2025, 6 p.m.
- Published: Sept. 15, 2025, 6 p.m.
- Modified: Sept. 15, 2025, 10:09 p.m.
Indicators
Attack Patterns
- Mythic C2 agent
- RustyClaw
- SnipBot
- RomCom
Additional Information
- Technology
- Telecommunications
- British Indian Ocean Territory
- Kenya
- Singapore
- India
- Australia
- Netherlands
- Canada
- Germany
- United Kingdom of Great Britain and Northern Ireland
- United States of America