Black Arrow Cyber Advisory 15 May 2025 – Microsoft, Adobe, Ivanti, Fortinet, ASUS, Apple, Broadcom, Juniper and Zoom Security Updates

Executive Summary

Microsoft's Patch Tuesday for May 2025 addressed 72 vulnerabilities across its product line, including five actively exploited zero-day vulnerabilities. Notably, critical remote code execution flaws were patched in Microsoft Office, Azure DevOps Server, and the Windows Common Log File System Driver.

Adobe released security updates to address 40 vulnerabilities across several products, including critical issues in Adobe Photoshop, Illustrator, and Bridge. These flaws could lead to arbitrary code execution if exploited.

*Updated to clarify that the two vulnerabilities, CVE-2025-4427 and CVE-2025-4428, relating to Ivanti Endpoint Manager (EPMM) are associated with open-source libraries utilised by EPMM.

Ivanti disclosed multiple vulnerabilities affecting several of its products, including a critical authentication bypass in Ivanti Neurons for ITSM (on-premises). It also disclosed a remote code execution vulnerability and an authentication bypass vulnerability relating to two open-source libraries that are integrated into Ivanti Endpoint Manager Mobile (EPMM). Ivanti has reported that the EPMM-related vulnerabilities have been exploited in the wild, emphasising the importance of applying the latest patches that address these vulnerabilities to secure affected systems.

Fortinet addressed several vulnerabilities across its product suite, notably patching a zero-day remote code execution flaw (CVE-2025-32756) in FortiVoice systems that was actively exploited. Additional critical updates were released for FortiOS and FortiProxy. Administrators should prioritise these updates to protect against potential exploits.

ASUS issued patches for two critical vulnerabilities (CVE-2025-3462 and CVE-2025-3463) in its DriverHub utility. These flaws could allow attackers to execute arbitrary code via crafted HTTP requests or malicious .ini files. Users of ASUS DriverHub should update to the latest version to mitigate these risks.

Apple released comprehensive security updates across its platforms, addressing several vulnerabilities in iOS, iPadOS, macOS, watchOS, tvOS, and visionOS.

Broadcom released a security update for VMware Tools, addressing an insecure file handling vulnerability (CVE-2025-22247). This flaw could allow a malicious actor with non-administrative privileges on a Windows or Linux guest VM to tamper with local files, potentially leading to unauthorised behaviours within the virtual environment.

Juniper announced fixes for nearly 90 bugs in third-party dependencies in Secure Analytics, the virtual appliance that collects security events from network devices, endpoints, and applications.

Zoom released seven advisories for nine security defects in Zoom Workplace Apps across desktop and mobile platforms. The most severe of the issues is CVE-2025-30663 (CVSS 8.8), a high-severity time-of-check time-of-use race condition that could allow a local, authenticated attacker to elevate their privileges.

What’s the risk to me or my business?

The actively exploited vulnerabilities across these platforms could allow attackers to compromise the confidentiality, integrity, and availability of affected systems and data. Unpatched systems are at heightened risk of exploitation, leading to potential data breaches, system disruptions, and unauthorised access.

What can I do?

Black Arrow recommends promptly applying the available security updates for all affected products. Prioritise patches for vulnerabilities that are actively exploited or rated as critical or high severity. Regularly review and update your organisation's security policies and ensure that all systems are running supported and up-to-date software versions.

Microsoft

Further details on specific updates within this Microsoft Patch Tuesday can be found here:

https://msrc.microsoft.com/update-guide/releaseNote/2025-May

Adobe, Ivanti, Fortinet, ASUS, Apple, Broadcom, Juniper and Zoom

Further details of the vulnerabilities in affected Adobe, Ivanti, Fortinet, ASUS, Apple, Broadcom, Juniper and Zoom products:

https://helpx.adobe.com/security/security-bulletin.html

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US&_gl=1*13fxvyv*_gcl_au*MzY1MzU5Mjk2LjE3NDcxNjYwNTg

https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-on-premises-only-CVE-2025-22462?language=en_US&_gl=1*wdhxpi*_gcl_au*MzY1MzU5Mjk2LjE3NDcxNjYwNTg

https://fortiguard.fortinet.com/psirt

https://www.asus.com/content/asus-product-security-advisory/

https://support.apple.com/en-us/100100

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683

https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP11-IF03

https://www.zoom.com/en/trust/security-bulletin/
