September Top Security Vulnerabilities (CVE Report)

Published on: October 10, 2025

Top CVE report for the month of September 2025

September Top Vulnerabilities Overview
In September, multiple critical and high-severity vulnerabilities were disclosed, including remote code execution flaws in widely used services, authentication bypass weaknesses, privilege escalation in operating systems, and SQL injection in web applications. Left unpatched, these vulnerabilities carry a significant risk of full system compromise, unauthorized access, or data breach.

| Name | CVE ID | Criticality | CVSS score | Description | Reference link |
|---|---|---|---|---|---|
| Azure Bot Service Elevation of Privilege Vulnerability | CVE-2025-55244 | Critical | 9.0 | Azure Bot Service Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-55244 |
| Azure Networking Elevation of Privilege Vulnerability | CVE-2025-54914 | Critical | 10.0 | Azure Networking Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-54914 |
| Azure Entra ID Elevation of Privilege Vulnerability | CVE-2025-55241 | Critical | 10.0 | Azure Entra ID Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-55241 |
| Azure Entra ID Elevation of Privilege Vulnerability | CVE-2025-59218 | Critical | 9.6 | Azure Entra ID Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59218 |
| Azure Entra ID Elevation of Privilege Vulnerability | CVE-2025-59246 | Critical | 9.8 | Azure Entra ID Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59246 |
| Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability | CVE-2025-55232 | Critical | 9.8 | Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55232 |
| Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability | CVE-2025-55238 | High | 7.5 | Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-55238 |
| Windows NTLM Elevation of Privilege Vulnerability | CVE-2025-54918 | High | 8.8 | Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54918 |
| Windows Graphics Component Remote Code Execution Vulnerability | CVE-2025-55228 | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-55228 |
| Graphics Kernel Remote Code Execution Vulnerability | CVE-2025-55236 | High | 7.3 | Time-of-check time-of-use (TOCTOU) race condition in Graphics Kernel allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-55236 |
| Windows Graphics Component Elevation of Privilege Vulnerability | CVE-2025-53800 | High | 7.8 | A flaw (no CWE assigned) in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-53800 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-54910 | High | 8.4 | Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54910 |
| Windows Hyper-V Remote Code Execution Vulnerability | CVE-2025-55224 | High | 7.8 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-55224 |
| Azure PlayFab Elevation of Privilege Vulnerability | CVE-2025-59247 | High | 8.8 | Azure PlayFab Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59247 |
| Azure Monitor Log Analytics Spoofing Vulnerability | CVE-2025-55321 | High | 8.7 | Improper neutralization of input during web page generation ('cross-site scripting') in Azure Monitor allows an authorized attacker to perform spoofing over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55321 |
| Redis Enterprise Elevation of Privilege Vulnerability | CVE-2025-59271 | High | 8.7 | Redis Enterprise Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59271 |
| Windows NTFS Remote Code Execution Vulnerability | CVE-2025-54916 | High | 7.8 | Stack-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54916 |
| Windows Graphics Component Remote Code Execution Vulnerability | CVE-2025-54919 | High | 7.5 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54919 |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | CVE-2025-54106 | High | 8.8 | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54106 |
| Agentic AI and Visual Studio Code Remote Code Execution Vulnerability | CVE-2025-55319 | High | 8.8 | AI command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55319 |
| GitHub Copilot and Visual Studio Remote Code Execution Vulnerability | CVE-2025-53773 | High | 7.8 | Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-53773 |
| OmniParser Remote Code Execution Vulnerability | CVE-2025-55322 | High | 7.3 | Binding to an unrestricted IP address in GitHub allows an unauthorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55322 |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | CVE-2025-59251 | High | 7.6 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59251 |
| Active Directory Domain Services Elevation of Privilege Vulnerability | CVE-2025-21293 | High | 8.8 | Active Directory Domain Services Elevation of Privilege Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-21293 |
| Windows BitLocker Elevation of Privilege Vulnerability | CVE-2025-54912 | High | 7.8 | Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54912 |
| Windows BitLocker Elevation of Privilege Vulnerability | CVE-2025-54911 | High | 7.3 | Use after free in Windows BitLocker allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54911 |
| Windows TCP/IP Driver Elevation of Privilege Vulnerability | CVE-2025-54093 | High | 7.0 | Time-of-check time-of-use (TOCTOU) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54093 |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | CVE-2025-49692 | High | 7.8 | Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-49692 |
| Azure Connected Machine Agent Elevation of Privilege Vulnerability | CVE-2025-55316 | High | 7.8 | External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-55316 |
| PowerShell Direct Elevation of Privilege Vulnerability | CVE-2025-49734 | High | 7.0 | Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-49734 |
| Windows Bluetooth Service Elevation of Privilege Vulnerability | CVE-2025-59220 | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-59220 |
| Windows Bluetooth Service Elevation of Privilege Vulnerability | CVE-2025-53802 | High | 7.0 | Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-53802 |
| Microsoft OfficePlus Spoofing Vulnerability | CVE-2025-55243 | High | 7.5 | Exposure of sensitive information to an unauthorized actor in Microsoft Office Plus allows an unauthorized attacker to perform spoofing over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55243 |
| Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | CVE-2025-54114 | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to deny service locally. | https://www.cve.org/CVERecord?id=CVE-2025-54114 |
| HTTP.sys Denial of Service Vulnerability | CVE-2025-53805 | High | 7.5 | Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network. | https://www.cve.org/CVERecord?id=CVE-2025-53805 |
| Microsoft PowerPoint Remote Code Execution Vulnerability | CVE-2025-54908 | High | 7.8 | Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54908 |
| Microsoft Office Visio Remote Code Execution Vulnerability | CVE-2025-54907 | High | 7.8 | Heap-based buffer overflow in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54907 |
| Microsoft Office Remote Code Execution Vulnerability | CVE-2025-54906 | High | 7.8 | Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54906 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-54896 | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54896 |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2025-54900 | High | 7.8 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-54900 |
| Windows Hyper-V Remote Code Execution Vulnerability | CVE-2025-48807 | Medium | 6.7 | Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-48807 |
| Xbox Certification Bug Copilot Djando Information Disclosure Vulnerability | CVE-2025-55242 | Medium | 6.5 | Exposure of sensitive information to an unauthorized actor in Xbox allows an unauthorized attacker to disclose information over a network. | https://www.cve.org/CVERecord?id=CVE-2025-55242 |
| Graphics Kernel Remote Code Execution Vulnerability | CVE-2025-55226 | Medium | 6.7 | Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to execute code locally. | https://www.cve.org/CVERecord?id=CVE-2025-55226 |
| Windows Imaging Component Information Disclosure Vulnerability | CVE-2025-53799 | Medium | 5.5 | Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally. | https://www.cve.org/CVERecord?id=CVE-2025-53799 |
| M365 Copilot Spoofing Vulnerability | CVE-2025-59252 | Medium | 6.5 | M365 Copilot Spoofing Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59252 |
| Copilot Spoofing Vulnerability | CVE-2025-59272 | Medium | 6.5 | Copilot Spoofing Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59272 |
| Copilot Spoofing Vulnerability | CVE-2025-59286 | Medium | 6.5 | Copilot Spoofing Vulnerability | https://www.cve.org/CVERecord?id=CVE-2025-59286 |
| Windows SMB Client Remote Code Execution Vulnerability | CVE-2025-54101 | Medium | 4.8 | Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54101 |
| Windows Defender Firewall Service Elevation of Privilege Vulnerability | CVE-2025-54915 | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54915 |
| Windows Defender Firewall Service Elevation of Privilege Vulnerability | CVE-2025-54109 | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54109 |
| Windows Defender Firewall Service Elevation of Privilege Vulnerability | CVE-2025-54104 | Medium | 6.7 | Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally. | https://www.cve.org/CVERecord?id=CVE-2025-54104 |
| MapUrlToZone Security Feature Bypass Vulnerability | CVE-2025-54917 | Medium | 4.3 | Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54917 |
| MapUrlToZone Security Feature Bypass Vulnerability | CVE-2025-54107 | Medium | 4.3 | Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | https://www.cve.org/CVERecord?id=CVE-2025-54107 |
| Microsoft Windows File Explorer Spoofing Vulnerability | CVE-2025-50154 | Medium | 6.5 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | https://www.cve.org/CVERecord?id=CVE-2025-50154 |
| Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | CVE-2025-53809 | Medium | 6.5 | Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network. | https://www.cve.org/CVERecord?id=CVE-2025-53809 |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | CVE-2025-29954 | Medium | 5.9 | Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | https://www.cve.org/CVERecord?id=CVE-2025-29954 |
| AMD RMP Corruption During SNP Initialization (RMPocalypse) | CVE-2025-0033 | not stated | not stated | Incomplete protection of the Reverse Map Table (RMP) during SNP initialization on AMD processors that support Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) allows the RMP to be corrupted. The vulnerability has been named RMPocalypse. | https://www.cve.org/CVERecord?id=CVE-2025-0033 |
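The Description column above follows the fixed one-sentence pattern Microsoft uses in its advisories: weakness, "in" product, "allows an authorized/unauthorized attacker to" impact "locally/over a network". That sentence carries the two facts that matter most for patch ordering and that the title alone hides: whether the attacker needs credentials, and whether the bug is reachable over the network. Note that the Office, PowerPoint, Excel, Visio and graphics entries are titled "Remote Code Execution" yet their descriptions say "execute code locally"; Microsoft's title reflects the impact class, while the description's vector tells you a user must open a crafted file or the attacker already has a foothold. The script below is an added example, not part of the original report and not a Microsoft tool: it parses that sentence pattern and ranks entries into triage tiers. The sample rows are constructed from a handful of descriptions in the table; the tier thresholds and the `parse_impact`/`triage` helper names are this example's own choices.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Constructed sample input: (CVE ID, CVSS, description) taken from the style of
# the MSRC one-line impact statements in the table. Cloud-service rows in the
# table carry only a title, so one such row is included to show the fallback.
SAMPLE: List[Tuple[str, float, str]] = [
    ("CVE-2025-55232", 9.8, "Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an unauthorized attacker to execute code over a network."),
    ("CVE-2025-54918", 8.8, "Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network."),
    ("CVE-2025-54916", 7.8, "Stack-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally."),
    ("CVE-2025-53805", 7.5, "Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network."),
    ("CVE-2025-54910", 8.4, "Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally."),
    ("CVE-2025-55244", 9.0, "Azure Bot Service Elevation of Privilege Vulnerability"),
]

# Greedy weakness group so a weakness that itself contains " in " (e.g.
# "special elements used in a command") does not swallow the product name;
# product names in the table never contain " in ".
PATTERN = re.compile(
    r"^(?P<weakness>.+) in (?P<product>.+?) allows an (?P<auth>unauthorized|authorized) attacker to "
    r"(?P<impact>execute code|elevate privileges|disclose information|deny service|perform spoofing|bypass a security feature) "
    r"(?P<vector>over a network|over an adjacent network|locally|physically)\.?$",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Impact:
    weakness: str
    product: str
    authenticated: bool  # True when the advisory says "authorized attacker"
    impact: str
    vector: str


def parse_impact(text: str) -> Optional[Impact]:
    """Parse an MSRC-style impact sentence; None when the row carries only a title."""
    m = PATTERN.match(text.strip())
    if not m:
        return None
    return Impact(
        weakness=m.group("weakness").strip(),
        product=m.group("product").strip(),
        authenticated=m.group("auth").lower() == "authorized",
        impact=m.group("impact").lower(),
        vector=m.group("vector").lower(),
    )


def triage_tier(imp: Impact, cvss: float) -> int:
    """1 = patch first. A heuristic for ordering work, not a substitute for the advisory."""
    remote = imp.vector == "over a network"
    severe = imp.impact in ("execute code", "elevate privileges")
    if remote and severe and not imp.authenticated:
        return 1  # unauthenticated, network-reachable RCE/EoP: wormable or pre-auth
    if severe and (remote or cvss >= 7.8):
        return 2  # authenticated network EoP, or local code execution via a crafted file
    return 3      # DoS, spoofing, info disclosure, low-score local bugs


def triage(rows: Iterable[Tuple[str, float, str]]) -> List[Tuple[int, str, float, str]]:
    """Return (tier, cve_id, cvss, note) sorted so the first entry is patched first."""
    out = []
    for cve_id, cvss, desc in rows:
        imp = parse_impact(desc)
        if imp is None:
            # Title-only rows (the Azure service CVEs): fall back on CVSS alone.
            tier = 1 if cvss >= 9.0 else 2 if cvss >= 7.0 else 3
            note = "description not parsed; tier from CVSS only"
        else:
            tier = triage_tier(imp, cvss)
            who = "authenticated" if imp.authenticated else "unauthenticated"
            note = f"{imp.impact}, {imp.vector}, {who}"
        out.append((tier, cve_id, cvss, note))
    out.sort(key=lambda r: (r[0], -r[2], r[1]))
    return out


if __name__ == "__main__":
    for tier, cve_id, cvss, note in triage(SAMPLE):
        print(f"P{tier}  {cve_id}  {cvss:>4}  {note}")
```

Feed it the full Description column and the title-only Azure rows surface with the "not parsed" note, which is itself useful: those are the cloud-side CVEs Microsoft states it has already remediated in the service, so they need tracking rather than a patch rollout on your hosts.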