Cybersecurity Nightmares: Are You Vulnerable Today?


Good morning, cybersecurity enthusiasts! Today’s update is packed with information on the latest vulnerabilities and advisories that are shaking up the digital landscape. Grab your cuppa and read on as we break down the key stories in clear, everyday language.

CISA Issues Five Industrial Control Systems Advisories

On 20 March 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released five detailed advisories focused on Industrial Control Systems (ICS). These advisories highlight security vulnerabilities across a range of vendors and serve as a timely reminder for industrial organisations to double-check their systems. If your business relies on such critical systems, staying ahead of potential exploits is essential—even for those of us at Synergos Consultancy who help businesses stay compliant and secure.

Emerging Exploits and Notable Vulnerabilities

Apache Tomcat Remote Code Execution

A vulnerability in Apache Tomcat (CVE-2025-24813) has been actively exploited in the wild. Because improper safeguards allow unauthenticated remote code execution, organisations running affected versions should follow the mitigation steps outlined by the vendor to avoid their servers turning into a hacker’s playground.

Cisco Smart Licensing Under Attack

Cisco vulnerabilities (CVE-2024-20439 and CVE-2024-20440) in the Smart Licensing Utility are currently being exploited. This ongoing campaign underscores the importance of patching promptly, ensuring that your network remains robust against unauthorised access.

Dell PowerEdge FX2 and VRTX Firmware Vulnerability

Dell’s Chassis Management Controller firmware for both the PowerEdge FX2 and VRTX systems (CVE-2025-26336) suffers from a stack-based buffer overflow. With a severity rating of 8.3 (HIGH), an unauthenticated remote attacker could exploit this issue to execute code remotely, so immediate attention is recommended.

EBM Maintenance Center’s SQL Injection Risk

The EBM Maintenance Center (CVE-2025-2585) is facing a high-severity SQL injection vulnerability (severity 8.8). This flaw allows remote attackers to inject arbitrary SQL commands and manipulate database content, showing how critical it is to validate your inputs and to review software components regularly.

Microsoft Partner Center Privilege Escalation

Improper authorisation in the Microsoft Partner Center (CVE-2025-29814) allows an authorised user to escalate privileges across a network. With a critical severity rating of 9.3, this vulnerability demands swift patching to prevent such escalations.

Microsoft Dataverse Remote Code Execution

A deserialization flaw in Microsoft Dataverse (CVE-2025-29807) permits code execution over a network. With a high severity rating of 8.7, organisations need to treat this vulnerability with extra caution, as deserialization of untrusted data is often the gateway to more significant breaches.

Esri ArcGIS Enterprise Portal Password Recovery Issue

CVE-2025-2538 reveals a critical (9.8 severity) vulnerability in certain ArcGIS Enterprise deployments that could allow an attacker to reset the built-in admin account password. This serves as a powerful reminder that even custom password recovery mechanisms require robust security checks.

eTRAKiT.net SQL Injection Weakness

An SQL injection vulnerability (CVE-2025-29980) in eTRAKiT.net release 3.2.1.77 has been detected, allowing attackers to execute arbitrary SQL commands. Given the critical (9.8 severity) nature of the flaw, users are advised to disable certain CRM features until they can migrate to an updated, supportable version.

Unusual Activity in Kubernetes-Like Control Plane

A vulnerability in kcp (CVE-2025-29922) has been uncovered that allows unauthorised object creation and deletion via the APIExport VirtualWorkspace. This critical vulnerability (9.6 severity) bypasses normal access controls and underscores the need for robust API security measures. Upgrading to version 0.26.3 or 0.27.0 is essential to secure your environments.

Microsoft Active Directory RCE Vulnerability

There’s also fresh news about a remote code execution vulnerability within Microsoft Active Directory (CVE-2025-23120). With a near-critical severity rating of 9.9, this flaw in the domain environment may grant an attacker the keys to the kingdom, making patching and enhanced monitoring paramount.

Cybersecurity Policy and Forward-Looking Tech Initiatives

In policy news, the UK’s National Cyber Security Centre (NCSC) is urging critical organisations to adopt post-quantum cryptography by 2035 – an important move to shield vital services from future quantum threats. Meanwhile, an independent review suggests that UK security industry players could significantly reduce costs by adopting Gov.uk OneLogin. These strategies highlight the proactive measures that both government and businesses, including those we support at Synergos Consultancy, are taking to enhance digital security and operational resilience.

Additional Industry Insight

In a shift from cyber exploits, an update on Magna Mining Inc. reveals that retail investors now hold a controlling 52% stake, with institutions owning 31%. While this isn’t a cybersecurity vulnerability per se, it illustrates how digital transparency and secure data management are increasingly relevant across all sectors.

Keeping pace with these developments can seem as challenging as keeping a mischievous cat off your keyboard—but rest assured, preparedness remains our best policy. Whether you’re managing cutting-edge ICS or planning your next cyber resilience strategy, staying informed is key. And if you ever need a hand ensuring that your business complies with robust standards like ISO Certifications or GDPR, remember that the friendly team at Synergos Consultancy is here to help.

Stay safe online, and until next time, keep your firewalls strong and your systems updated!


Adam Cooke
As the Operations and Compliance Manager, Adam oversees all aspects of the business, ensuring operational efficiency and regulatory compliance. Committed to high standards, he ensures everyone is heard and supported. With a strong background in the railway industry, Adam values rigorous standards and safety. Outside of work, he enjoys dog walking, gardening, and exploring new places and cuisines.