In this week’s Security Advisory

Microsoft Issues Patch for Critical Windows Server Update Service (WSUS) Vulnerability
Apache Tomcat Patches Rewrite Valve Relative Path Traversal Vulnerability
QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability
CISA Warns of Exploited DELMIA Factory Software Vulnerabilities

Microsoft Issues Patch for Critical Windows Server Update Service (WSUS) Vulnerability

Microsoft has released an out-of-band (OOB) security update to address a critical-severity vulnerability in the Windows Server Update Service (WSUS) with a publicly available proof-of-concept exploit. The vulnerability, CVE-2025-59287 (CVSS 9.8/10), affects Windows servers with the WSUS Server Role enabled. This vulnerability can be exploited remotely without requiring user interaction and could allow an attacker to execute malicious code with SYSTEM privileges.

Affected Versions

  • Windows Server 2025.
  • Windows Server, version 23H2.
  • Windows Server 2022.
  • Windows Server 2019.
  • Windows Server 2016.
  • Windows Server 2012 R2.
  • Windows Server 2012.

Recommendations

  • Apply the latest patches.

More Reading / Information

Apache Tomcat Patches Rewrite Valve Relative Path Traversal Vulnerability

Apache has released patches for three Tomcat vulnerabilities. The most severe is CVE-2025-55752, a relative path traversal vulnerability. It allows an attacker to manipulate an HTTP request to bypass security constraints, potentially leading to a remote code execution scenario. The vulnerability is only present under certain conditions; however, those conditions may well be met given the nature of the software.

Affected Versions

  • A full list of affected versions can be found here.

Recommendations

  • Apply the latest patches.

More Reading / Information

QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability

Microsoft has issued a security update for CVE-2025-55315 (CVSS 9.9/10), a vulnerability in ASP.NET Core that could allow an attacker to bypass security controls through HTTP request smuggling. If successfully exploited, an authenticated attacker could send specially crafted HTTP requests to the web server, resulting in unauthorized access to sensitive data, modification of server files, or limited denial-of-service conditions. QNAP strongly recommends users ensure their Windows systems have the latest Microsoft ASP.NET Core updates installed.

Recommendations

  • Apply the latest security update for ASP.NET Core, found here.

More Reading / Information

CISA Warns of Exploited DELMIA Factory Software Vulnerabilities

CISA has warned that two recent vulnerabilities in DELMIA Apriso factory software have been exploited in the wild. The two flaws flagged as exploited are tracked as CVE-2025-6204 (CVSS 8/10) and CVE-2025-6205 (CVSS 9.1/10). The first is described as a code injection bug that allows attackers to execute arbitrary code, while the second is a missing authorization issue that can be exploited to gain privileged access to the application. The two vulnerabilities can be chained: an attacker first creates accounts with elevated privileges and then places executable files into a web-served directory.

Affected Versions

  • DELMIA Apriso from release 2020 through release 2025.

Recommendations

  • Apply the latest patches.

More Reading / Information

Recommendations

Please review your environment to ensure the above-mentioned issues are patched in a timely manner. It is security best practice to regularly update and/or patch software to the latest versions. The vulnerabilities above highlight the security benefit of limiting deployed software to “vendor-supported versions” only, which dramatically increases the likelihood that a patch will be issued for new vulnerabilities. Likewise, CyberMaxx strongly encourages maintaining an inventory of the software currently deployed in your environment, which helps ensure and inform your patch and vulnerability management program.