20 Jun 2025

Week in review

Greetings,

As Privacy Awareness Week 2025 unfolds, it’s encouraging to see strong support across the industry. Organisations are actively engaging in meaningful conversations about the role of privacy and it’s clear that data protection is no longer just a regulatory obligation. It’s now recognised as a core business value and a collective responsibility.

Creating a privacy-conscious digital environment requires genuine collaboration between industry, government, and individuals. By working together, we can build a future where data is protected, respected, and used responsibly.

Here are a few key reminders:

  1. Collect Only What’s Necessary – Limit data collection to what’s essential to reduce risk and strengthen compliance.

  2. Embed Privacy in Culture – Treat privacy as a core organisational value, not just a regulatory requirement.

  3. Everyone Has a Role – From daily habits to major decisions, individual actions directly influence privacy and security.

Privacy Awareness Week is more than a one-week focus – it’s a long-term commitment. By embedding privacy into our culture, practices, and mindset, we not only meet today’s standards but also lay the foundation for a safer digital future.


Critical Vulnerability Patched in Citrix NetScaler
Date: 2025-06-18
Author: Security Week

Citrix on Tuesday announced patches for four vulnerabilities across three products, including a critical-severity issue in NetScaler ADC and NetScaler Gateway.
The critical flaw, tracked as CVE-2025-5777 (CVSS score of 9.3), is described as an out-of-bounds memory read caused by insufficient input validation.
Only NetScaler deployments configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as Authentication, Authorization, and Accounting (AAA) virtual server are affected, Citrix explains in its advisory.

Critical Vulnerabilities Patched in Trend Micro Apex Central, Endpoint Encryption
Date: 2025-06-13
Author: Security Week

Trend Micro has released patches for ten vulnerabilities in Apex Central and Endpoint Encryption (TMEE) PolicyServer, including critical-severity flaws leading to remote code execution (RCE).
The update for Apex Central resolves two critical bugs leading to RCE, tracked as CVE-2025-49219 and CVE-2025-49220 (CVSS score of 9.8). The security defects are similar, but were discovered in different methods, the company says.

Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
Date: 2025-06-17
Author: The Hacker News

A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper.
The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3).
Google addressed the flaw later that month after Kaspersky reported in-the-wild exploitation in a campaign dubbed Operation ForumTroll targeting various Russian organizations.

High-Severity Vulnerabilities Patched in Tenable Nessus Agent
Date: 2025-06-16
Author: Security Week

Tenable has released patches for three high-severity vulnerabilities in Nessus Agent for Windows that could be exploited to perform file operations and execute code with elevated privileges.
Tracked as CVE-2025-36631 (CVSS score of 8.4), the first bug could allow users logged in to non-administrative accounts to overwrite arbitrary local system files with log content, with System privileges.
The second flaw, CVE-2025-36632 (CVSS score of 7.8), allows non-administrative users to execute arbitrary code with System privileges.
Finally, CVE-2025-36633 (CVSS score of 8.8) allows non-administrative users to arbitrarily delete local system files, also with System privileges.

Microsoft: DHCP issue hits KB5060526, KB5060531 of Windows Server
Date: 2025-06-17
Author: Windows Latest

[See AUSCERT Bulletin https://portal.auscert.org.au/bulletins/ASB-2025.0104]
Microsoft confirmed that the DHCP server service might stop responding or refuse to connect after the June 2025 Update for Windows Server. The DHCP issue affects Windows Server 2025 (KB5060842), Windows Server 2022 (KB5060526), Windows Server 2019 (KB5060531), and Windows Server 2016 (KB5061010).
As per user reports spotted by Windows Latest, as soon as you install Windows Server 2016 (KB5061010) or another update listed above, you won’t be able to use the DHCP server. The DHCP server connection would immediately fail after 20-50 seconds of booting the server, but as soon as you remove the update, you’ll be able to use DHCP again.


ESB-2025.3989 – Multi-Linux Manager Client Tools – CVSS (Max) 9.9

This SUSE update resolves eight vulnerabilities, fixes various bugs, contains four new features and has six security fixes. Affected products include openSUSE Leap, SUSE Linux Enterprise Desktop/High Performance Computing/Micro/Real Time/Server/Client Tools/Proxy/Retail Branch Server.

ESB-2025.3938 – moodle – CVSS (Max) 10.0

This security fix resolves an SQL injection risk in the upstream ADOdb library. The core Moodle LMS was NOT affected by this vulnerability; however, as a precaution, this library has been upgraded to remove the risk entirely, in case any third-party code or plugins use the vulnerable code.

ESB-2025.3926 – webkit2gtk – CVSS (Max) 9.8

This update resolves various vulnerabilities, including denial of service, unexpected process crashes, cross-origin data exfiltration, cross-site scripting attacks, and memory corruption. For Debian 11 bullseye, these problems have been fixed in version 2.48.3-1~deb11u1. It is recommended to upgrade webkit2gtk packages.

ESB-2025.4024 – samba – CVSS (Max) 9.8

Several security issues were fixed in Samba. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service, escalate privileges, or possibly execute arbitrary code.

ESB-2025.4023 – Python – CVSS (Max) 9.4

Python could be made to overwrite files because of incorrectly handled tar archive extraction when the filtering option is used. An attacker could possibly use this issue to modify files in arbitrary filesystem locations and cause data loss. The problem can be corrected by updating the system.
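As an added illustration (not part of the bulletin and not Python's own code), the following shows the general defensive pattern behind this class of bug: before extracting a tar archive, check that every member path resolves inside the destination directory, refuse link and device members, and apply the standard library `data` filter where the running interpreter provides it. The archive is constructed in memory for the demonstration and the names `build_sample_archive`, `member_is_safe`, `safe_extract` and `run_demo` are chosen here.

```python
import io
import os
import tarfile
import tempfile


def build_sample_archive() -> bytes:
    """Constructed sample data: one benign file and one member whose
    name attempts to escape the extraction directory via '..'."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        data = b"hello\n"
        info = tarfile.TarInfo(name="docs/readme.txt")
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))

        evil = b"owned\n"
        info = tarfile.TarInfo(name="../escape.txt")
        info.size = len(evil)
        tar.addfile(info, io.BytesIO(evil))
    return buf.getvalue()


def member_is_safe(member: tarfile.TarInfo, dest: str) -> bool:
    """Return True only if extracting this member cannot write outside dest."""
    dest_real = os.path.realpath(dest)
    target = os.path.realpath(os.path.join(dest_real, member.name))
    # Absolute names and names that resolve above the destination are refused.
    if os.path.isabs(member.name) or os.path.commonpath([dest_real, target]) != dest_real:
        return False
    # Only regular files and directories are accepted; symlinks, hard links and
    # device nodes can also be used to reach paths outside the destination.
    return member.isfile() or member.isdir()


def safe_extract(archive_bytes: bytes, dest: str) -> tuple[list[str], list[str]]:
    """Extract only members that pass member_is_safe.

    Returns (extracted_names, rejected_names) so the caller can log or alert
    on archives that contained unsafe entries."""
    extracted, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
        for member in tar.getmembers():
            if not member_is_safe(member, dest):
                rejected.append(member.name)
                continue
            # Defence in depth: interpreters that ship PEP 706 filters also get
            # the stdlib 'data' filter, which independently rejects traversal.
            if hasattr(tarfile, "data_filter"):
                tar.extract(member, path=dest, filter="data")
            else:
                tar.extract(member, path=dest)
            extracted.append(member.name)
    return extracted, rejected


def run_demo() -> dict:
    """Extract the constructed archive into a fresh directory and report what
    landed where; 'escaped' is True only if the traversal member was written."""
    root = tempfile.mkdtemp(prefix="safe_extract_")
    dest = os.path.join(root, "out")
    os.makedirs(dest)
    extracted, rejected = safe_extract(build_sample_archive(), dest)
    with open(os.path.join(dest, "docs", "readme.txt"), "rb") as fh:
        content = fh.read()
    escaped = os.path.exists(os.path.join(root, "escape.txt"))
    return {
        "extracted": extracted,
        "rejected": rejected,
        "content": content,
        "escaped": escaped,
    }


if __name__ == "__main__":
    print(run_demo())
```

The explicit path check runs before any write, so it protects even on interpreter versions that predate the `filter` argument, and the list of rejected member names gives a detection signal worth logging when untrusted archives are processed.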


Stay safe, stay patched and have a good weekend!

The AUSCERT team