In this week’s Security Advisory
- SAP Patches Critical NetWeaver Vulnerabilities
- Cisco Patches DoS Vulnerability
- Adobe Patches Critical Commerce and Magento Vulnerability
- Microsoft’s September Patch Tuesday
- Zoom Workplace for Windows on ARM Missing Authorization Vulnerability
SAP Patches Critical NetWeaver Vulnerabilities
SAP has patched three critical severity vulnerabilities, CVE-2025-42944 (CVSS 10/10), CVE-2025-42922 (CVSS 9.9/10), and CVE-2025-42958 (CVSS 9.1/10), in its NetWeaver product that could lead to remote code execution and arbitrary file upload if exploited. This comes days after CVE-2025-42957 (CVSS 9.9/10) from last month’s patch cycle was confirmed to be exploited in the wild. If those patches have not been applied yet, it is highly recommended to do so.
Affected Versions
- A full list of affected versions can be found here.
Recommendations
- Apply the latest patches.
More Reading / Information
- https://thehackernews.com/2025/09/sap-patches-critical-netweaver-cvss-up.html
- https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2025.html
Cisco Patches DoS Vulnerability
Cisco has released a patch for CVE-2025-20222 (CVSS 8.6/10), which affects the RADIUS proxy functionality of the IPsec VPN feature in its Adaptive Security Appliance (ASA) Software and Firewall Threat Defense (FTD) products. An attacker could exploit this vulnerability by sending IPv6 packets over an IPsec VPN connection to an affected device, which could cause the device to restart and result in a denial of service.
Affected Versions
- This vulnerability affects Cisco Firepower 2100 Series Firewalls if they are running a vulnerable release of Cisco Secure Firewall ASA Software or Secure FTD Software and meet all of the following conditions:
  - IPsec VPN with Internet Key Exchange version 1 (IKEv1) or IKEv2 is enabled.
  - IPv6 is enabled on the interface that is receiving RADIUS traffic.
  - An access control list (ACL) is configured to permit IP traffic.
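The three conditions above can be checked against a saved running-config before deciding patch priority. The script below is an added example, not Cisco's tooling or code from the advisory; it assumes standard ASA/FTD CLI syntax (interface blocks with nameif and ipv6 address, aaa-server ... (iface) host, crypto ikev1/ikev2 enable, access-list ... permit ip) and uses a constructed sample config.

```python
"""Audit a Cisco ASA/FTD running-config for the CVE-2025-20222 exposure conditions.
The device is exposed only if all three conditions hold (per the advisory above)."""
import re

# Constructed sample config for demonstration; not from any real device.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/1
 nameif outside
 security-level 0
 ip address 203.0.113.10 255.255.255.0
!
interface GigabitEthernet1/2
 nameif inside
 security-level 100
 ip address 10.0.0.1 255.255.255.0
 ipv6 address 2001:db8:1::1/64
!
access-list OUTSIDE_IN extended permit ip any any
aaa-server RADIUS protocol radius
aaa-server RADIUS (inside) host 10.0.0.5
crypto ikev2 enable outside
"""


def interfaces_with_ipv6(config):
    """Return the set of nameif names whose interface block enables IPv6."""
    names, nameif, has_v6 = set(), None, False
    for line in config.splitlines():
        if line.startswith("interface "):      # new interface block resets state
            nameif, has_v6 = None, False
        elif line.startswith(" nameif "):
            nameif = line.split()[1]
        elif line.startswith(" ipv6 "):        # 'ipv6 address' or 'ipv6 enable'
            has_v6 = True
        if nameif and has_v6:
            names.add(nameif)
    return names


def check_exposure(config):
    """Evaluate each condition and the combined exposure verdict."""
    ike = re.search(r"^crypto ikev[12] enable \S+", config, re.M) is not None
    # Interfaces the ASA uses to reach RADIUS servers, i.e. where RADIUS traffic arrives.
    radius_ifaces = set(re.findall(r"^aaa-server \S+ \((\S+)\) host ", config, re.M))
    v6_on_radius = bool(radius_ifaces & interfaces_with_ipv6(config))
    acl_permit_ip = re.search(r"^access-list \S+ .*\bpermit ip\b", config, re.M) is not None
    return {"ike": ike, "ipv6_on_radius_if": v6_on_radius, "acl_permit_ip": acl_permit_ip,
            "exposed": ike and v6_on_radius and acl_permit_ip}


if __name__ == "__main__":
    print(check_exposure(SAMPLE_CONFIG))
```

A "not exposed" result only means the known preconditions are absent; the patch should still be applied on schedule.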
Recommendations
- Install the latest updates.
More Reading / Information
Adobe Patches Critical Commerce and Magento Vulnerability
Adobe has patched a critical vulnerability in its Commerce and Magento Open Source platforms that could allow an attacker to take control of customer accounts. The vulnerability, CVE-2025-54236 (CVSS 9.1/10), combines a malicious session with a nested deserialization bug in Magento’s REST API. Adobe has not observed any exploitation attempts yet and has added WAF rules to protect merchants using Adobe Commerce on Cloud infrastructure against exploitation attempts.
Affected Versions
- A full list of affected versions can be found here.
Recommendations
- Download the hotfix from the link above.
More Reading / Information
- https://helpx.adobe.com/security/products/magento/apsb25-88.html
- https://thehackernews.com/2025/09/adobe-commerce-flaw-cve-2025-54236-lets.html
Microsoft’s September Patch Tuesday
Microsoft’s September 2025 Patch Tuesday fixed 86 security vulnerabilities across Windows and related products. Eight are considered more likely to be targeted, including major issues such as remote code execution, denial of service, and privilege escalation in core Windows components. The two most severe flaws are CVE-2025-54914 (CVSS 10/10), which affects Azure Networking, and CVE-2025-55232 (CVSS 9.8/10), which affects the High Performance Compute (HPC) Pack. Other high-risk vulnerabilities include flaws in SharePoint, Office, SQL Server, and Routing and Remote Access Service, though all are currently rated as unlikely to be exploited. There are no known exploits in the wild.
Affected Versions
- A full list of affected versions can be found here.
Recommendations
- Apply the latest patches.
More Reading / Information
- https://www.securityweek.com/microsoft-patches-86-vulnerabilities/
- https://thehackernews.com/2025/09/microsoft-fixes-80-flaws-including-smb.html
Zoom Workplace for Windows on ARM Missing Authorization Vulnerability
Zoom has released a security update that addresses CVE-2025-49459 (CVSS 7.8/10), a missing authorization vulnerability in Zoom Workplace for Windows on ARM. This vulnerability could allow an attacker to perform actions without the required authorization, which may put sensitive data or system integrity at risk.
Affected Versions
- Zoom Workplace for Windows on ARM before version 6.5.0.
Recommendations
- Upgrade to Zoom Workplace for Windows on ARM version 6.5.12, available here.
More Reading / Information
- https://cyberpress.org/zoom-releases-security-update/
- https://www.zoom.com/en/trust/security-bulletin/zsb-25032/?lang=null
Recommendations
Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefits of limiting deployed software to “vendor-supported versions” only. This dramatically increases the likelihood that new vulnerabilities have a patch issued for them. Likewise, CyberMaxx strongly encourages maintaining an inventory of current software in your environment, which helps ensure and inform your patch and vulnerability management program.