【Vulnerability Alert】CISA has added 6 vulnerabilities known to be exploited by hackers to the Known Exploited Vulnerabilities (KEV) catalog (2025/10/13–2025/10/19).

Publish date: 2025-10-23
Update date: 2025-10-23

Source: Ministry of education information & communication security contingency platform

Publication Number: TACERT-ANA-2025102111100202
Publication Time: 2025/10/21 11:38
Incident Type: ANA-Vulnerability Alert
Discovery Time: 2025/10/21 11:38
Impact Level: Low

[Subject]
【Vulnerability Alert】CISA has added 6 vulnerabilities known to be exploited by hackers to the Known Exploited Vulnerabilities (KEV) catalog (2025/10/13–2025/10/19).

[Content]
Forwarded from TWCERTCC-200-202510-00000011

1.【CVE-2025-47827】IGEL OS Use of a Key Past its Expiration Date Vulnerability(CVSS v3.1:4.6)

【Whether exploited by ransomware:Unknown】 A security feature bypass vulnerability exists in IGEL OS due to improper signature verification in the igel-flash-driver module. Attackers could exploit this flaw to bypass the secure boot mechanism and mount a crafted root filesystem from an unauthenticated SquashFS image.

【Affected Platform】Please refer to the affected versions listed in the official documentation. https://kb.igel.com/en/security-safety/current/isn-2025-22-statement-on-cve-2025-47827-in-igel-os

2.【CVE-2025-24990】Microsoft Windows Untrusted Pointer Dereference Vulnerability(CVSS v3.1:7.8)

【Whether exploited by ransomware:Unknown】 An untrusted pointer dereference vulnerability exists in the Agere modem driver of Microsoft Windows, which could lead to privilege escalation. Successful exploitation of this vulnerability could allow an attacker to gain administrative privileges.

【Affected Platform】Please refer to the affected versions listed in the official documentation. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24990

3.【CVE-2025-59230】Microsoft Windows Improper Access Control Vulnerability(CVSS v3.1:7.8)

【Whether exploited by ransomware:Unknown】 An improper access control vulnerability exists in the Remote Access Connection Manager of Microsoft Windows, which may allow an unauthorized attacker to escalate privileges locally.

【Affected Platform】Please refer to the affected versions listed in the official documentation. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59230

4.【CVE-2025-6264】Rapid7 Velociraptor Incorrect Default Permissions Vulnerability(CVSS v3.1:5.5)

【Whether exploited by ransomware:Known】 An incorrect default permissions vulnerability exists in Rapid7 Velociraptor, which could lead to arbitrary command execution and endpoint compromise. To successfully exploit this vulnerability, an attacker must possess the COLLECT_CLIENT permission.

【Affected Platform】Please refer to the affected versions listed in the official documentation. https://docs.velociraptor.app/announcements/advisories/cve-2025-6264/

5.【CVE-2016-7836】SKYSEA Client View Improper Authentication Vulnerability(CVSS v3.1:9.8)

【Whether exploited by ransomware:Unknown】 An improper authentication vulnerability exists in SKYSEA Client View. Attackers could exploit a flaw in how authentication is processed on the TCP connection with the management console program to achieve remote code execution.

【Affected Platform】Please refer to the affected versions listed in the official documentation. https://www.skygroup.jp/security-info/news/170308.html

6.【CVE-2025-54253】Adobe Experience Manager Forms Code Execution Vulnerability(CVSS v3.1:10.0)

【Whether exploited by ransomware:Unknown】 An unspecified vulnerability exists in Adobe Experience Manager Forms in JEE, which could lead to arbitrary code execution.

【Affected Platform】Please refer to the affected versions listed in the official documentation. https://helpx.adobe.com/security/products/aem-forms/apsb25-82.html

Information Sharing Level: WHITE (Information content can be publicly disclosed)

[Affected Platform]
For details, see the 【Affected Platform】 entry under each vulnerability in the [Content] section above.

[Recommended Actions]
1.【CVE-2025-47827】The vendor has released an official statement regarding this vulnerability. Please update to an unaffected version. https://kb.igel.com/en/security-safety/current/isn-2025-22-statement-on-cve-2025-47827-in-igel-os

2.【CVE-2025-24990】The vendor has released official patches for this vulnerability. Please update to the relevant fixed versions. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24990

3.【CVE-2025-59230】The vendor has released official patches for this vulnerability. Please update to the relevant fixed versions. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59230

4.【CVE-2025-6264】The vendor has released official patches for this vulnerability. Please update to the relevant fixed versions. https://docs.velociraptor.app/announcements/advisories/cve-2025-6264/

5.【CVE-2016-7836】The vendor has released official patches for this vulnerability. Please update to the relevant fixed versions. https://www.skygroup.jp/security-info/news/170308.html

6.【CVE-2025-54253】The vendor has released official patches for this vulnerability. Please update to the relevant fixed versions. https://helpx.adobe.com/security/products/aem-forms/apsb25-82.html

[Reference]
 
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center