August 2025 has proven to be a critical month for cyber‑security, with several zero-day vulnerabilities disclosed and actively exploited across major platforms and software. Here’s a concise overview of the most significant cases and what they mean for users and organisations.
1. Windows Kerberos Zero-Day (CVE-2025-53779)
Microsoft’s Patch Tuesday on 12 August addressed a disclosed zero-day flaw in Windows Kerberos, tracked as CVE‑2025‑53779. This relative‑path traversal vulnerability impacts the Kerberos authentication protocol and can allow an attacker who already holds elevated delegated Managed Service Account (dMSA) privileges to escalate to full domain administrator access. The update fixed 107 to 111 vulnerabilities (reports vary), of which 13 were rated Critical, including remote code execution, information disclosure and privilege-elevation issues.
- Report: “Microsoft’s August 2025 Patch Tuesday update addresses 111 security vulnerabilities … including a critical zero‑day flaw in Windows Kerberos.”
Full URL: https://www.techradar.com/pro/security/microsofts-latest-major-patch-fixes-a-serious-zero-day-flaw-and-a-host-of-other-issues-so-update-now
- Report: “On August 12 2025, Microsoft released a major security update … a severe zero‑day vulnerability tracked as CVE‑2025‑53779 was patched.”
Full URL: https://www.tomsguide.com/computing/online-security/microsoft-just-fixed-over-107-flaws-including-one-serious-zero-day-update-your-pc-right-now
2. WinRAR Zero-Day (CVE-2025-8088)
A critical zero-day flaw in WinRAR (versions prior to 7.13), tracked as CVE‑2025‑8088, was actively exploited in the wild. It allows unauthenticated directory traversal, enabling attackers to drop malicious files into arbitrary paths that are executed automatically.
- News: “A critical zero‑day vulnerability in WinRAR, tracked as CVE‑2025‑8088, is being actively exploited by the Russian‑linked hacking group RomCom… Versions of WinRAR prior to 7.13 are affected.”
Full URL: https://www.windowscentral.com/software-apps/new-winrar-zero-day-pc-vulnerability-exploited-by-hackers-what-you-need-to-know
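A pre-extraction check for the traversal pattern described above, as an added example that is not code from WinRAR or from the cited reports. The destination folder, entry names and reason labels are constructed for illustration, and the per-user Startup folder is an assumed example of an automatically executed location.

```python
import ntpath  # Windows path rules, usable on any host OS

# Assumed auto-run location: the per-user Startup folder.
STARTUP_MARKER = "\\start menu\\programs\\startup\\"

def classify_entry(entry_name, dest):
    """Return the reasons an archive entry is unsafe to extract under dest."""
    reasons = []
    name = entry_name.replace("/", "\\")          # archives may use either separator
    drive, _ = ntpath.splitdrive(name)
    if drive or name.startswith("\\"):            # C:\..., C:rel, \rooted, \\unc\share
        reasons.append("absolute-path")
        target = ntpath.normpath(name)
    else:
        # Resolve ".." the way the file system would, relative to dest.
        target = ntpath.normpath(ntpath.join(dest, name))
    root = ntpath.normpath(dest).lower()          # NTFS paths are case-insensitive
    low = target.lower()
    # Compare with a trailing separator so "invoice-old" is not mistaken
    # for a child of "invoice".
    if low != root and not low.startswith(root + "\\"):
        reasons.append("escapes-destination")
    if STARTUP_MARKER in low:
        reasons.append("startup-folder")
    return reasons

def audit(entries, dest):
    """Map each unsafe entry name to its reasons; safe entries are omitted."""
    return {e: r for e in entries if (r := classify_entry(e, dest))}

# Constructed sample listing (not taken from any real archive).
DEST = r"C:\Users\alice\Downloads\invoice"
SAMPLE = [
    r"report\summary.pdf",
    "docs/../notes.txt",
    r"..\..\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.lnk",
    r"C:\Windows\Temp\x.dll",
    r"\\host\share\x.exe",
    r"..\invoice-old\a.txt",
]

if __name__ == "__main__":
    for entry, why in audit(SAMPLE, DEST).items():
        print(f"BLOCK {entry!r}: {', '.join(why)}")
```

An extractor or mail gateway would run such a check on the archive listing and refuse the whole archive if any entry is flagged, rather than skipping only the flagged entries.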
3. Adobe Experience Manager (AEM) Zero-Days
Adobe issued urgent updates to address two zero-day vulnerabilities in Adobe Experience Manager Forms on Java EE:
- CVE‑2025‑54253: Remote code execution vulnerability with a perfect CVSS score of 10/10.
4. Dahua CCTV Camera Vulnerabilities
Two severe buffer overflow vulnerabilities, CVE‑2025‑31700 and CVE‑2025‑31701, were disclosed in Dahua CCTV cameras. They allow unauthenticated remote code execution, potentially granting attackers full control over exposed devices.
5. Lenovo AI Chatbot (Lena) Flaw
Researchers uncovered a critical cross-site scripting (XSS) vulnerability in Lenovo’s AI chatbot “Lena.” Exploitation via a crafted prompt can leak session cookies, enabling attackers to impersonate support agents and infiltrate systems.
6. Fortinet VPN Brute-Force Activity
Security teams observed a surge in brute-force attempts targeting Fortinet SSL VPN and FortiManager systems in early August. These scans likely foreshadow a zero-day exploit, though none has yet been confirmed.
7. Canadian House of Commons Data Breach
A severe data breach impacted Canada’s House of Commons, traced back to exploitation of a SharePoint zero-day (CVE‑2025‑53770) that enables remote code execution and access to internal databases. The Chinese-linked APT group “Salt Typhoon” is the suspected orchestrator.
Summary: Vigilance Is Essential
| Affected System | Vulnerability Type | Risk | Patch Status |
|---|---|---|---|
| Windows Kerberos | Privilege escalation | Domain admin takeover | Patched in August Patch Tuesday |
| WinRAR | Directory traversal/escape | Remote code execution via archive | Patched in v7.13; urgent update |
| Adobe AEM Forms | Remote code execution | Critical severity | Patches released |
| Dahua CCTV Cameras | Remote buffer overflow | Full device compromise | Firmware updates available |
| Lenovo AI Chatbot (Lena) | XSS leading to session theft | Insider impersonation/network access | Patch issued (by 18 August) |
| Fortinet VPN | Brute-force scans suspected | Undisclosed exploit potential | No details yet; caution advised |
| House of Commons (SharePoint) | Remote code execution | Data breach/internal exposure | Investigation ongoing; urgency high |
Recommendations for Organisations and Users
- Apply security updates immediately, especially for Windows Kerberos, WinRAR, Adobe AEM, Dahua devices, and Lenovo systems.
- Audit deployment environments and segment critical systems (e.g., isolate CCTV/NVRs).
- Monitor for unusual activity, especially related to Fortinet VPN access logs and SharePoint usage.
- Prioritise user education to reduce phishing and targeted attacks, particularly as credential or directory information may be weaponised post-breach.
These incidents underscore the persistent and evolving danger posed by zero-day vulnerabilities. Rapid patching, layered defences, and ongoing awareness remain our best strategies in the face of such threats.
References
- TechRadar – Microsoft’s latest major patch fixes a serious zero-day flaw, and a host of other issues – so update now
https://www.techradar.com/pro/security/microsofts-latest-major-patch-fixes-a-serious-zero-day-flaw-and-a-host-of-other-issues-so-update-now
- Tom’s Guide – Microsoft just fixed over 107 flaws including one serious zero-day – update your PC right now
https://www.tomsguide.com/computing/online-security/microsoft-just-fixed-over-107-flaws-including-one-serious-zero-day-update-your-pc-right-now
- The Hacker News – Microsoft August 2025 Patch Tuesday
https://thehackernews.com/2025/08/microsoft-august-2025-patch-tuesday.html
- The Hacker News – WinRAR Zero-Day Under Active Exploitation
https://thehackernews.com/2025/08/winrar-zero-day-under-active.html
- Windows Central – Russian-Linked Hackers Are Exploiting a WinRAR Flaw – Here’s How to Stay Safe
https://www.windowscentral.com/software-apps/new-winrar-zero-day-pc-vulnerability-exploited-by-hackers-what-you-need-to-know
- CSA (Cyber Security Agency of Singapore) – Adobe Experience Manager Forms on JEE Vulnerability Alert (AL-2025-078)
https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-078
- TechRadar – Hackers could take over millions of Dahua CCTV cameras because of two critical flaws – here’s how to stay safe
https://www.techradar.com/pro/security/hackers-could-take-over-millions-of-dahua-cctv-cameras-because-of-two-critical-flaws-heres-how-to-stay-safe
- ITPro – Flaw in Lenovo’s customer service AI chatbot could let hackers run malicious code
https://www.itpro.com/security/flaw-in-lenovos-customer-service-ai-chatbot-could-let-hackers-run-malicious-code-breach-networks
- TechRadar – Fortinet VPNs under attack from potential zero-day
https://www.techradar.com/pro/security/fortinet-vpns-under-attack-from-potential-zero-day-fortisiem-security-tools-also-at-risk
- ITPro – Everything we know so far about the Canadian House of Commons data breach
https://www.itpro.com/security/cyber-attacks/everything-we-know-so-far-about-the-canadian-house-of-commons-data-breach
