Notably, several zero-day vulnerabilities have been disclosed — with confirmed reports of active exploitation in the wild.
Microsoft
Microsoft patched 63 CVEs in its November 2025 Patch Tuesday release, with five rated Critical and 58 rated Important. The update focused heavily on privilege escalation and remote code execution threats across Windows and Microsoft software.
Zero-Day Vulnerabilities
CVE-2025-62215 - A Windows Kernel elevation of privilege flaw actively exploited in the wild. It allows local privilege escalation to SYSTEM level through a race condition and double-free flaw. It is rated Important, with a CVSS score of 7.0. No public proof-of-concept (PoC) has been released for CVE-2025-62215, but threat actors have already weaponized it.
Critical
CVE-2025-62199 - is a remote code execution (RCE) vulnerability affecting Microsoft Office, carrying a CVSSv3 score of 7.8 and classified as Critical. While Microsoft’s Exploitability Index rates it as "Exploitation Less Likely," the nature of the flaw still warrants close attention. An attacker could leverage this vulnerability through social engineering, distributing a malicious Office document to unsuspecting users. If successfully exploited, it would allow the attacker to execute arbitrary code with the privileges of the targeted user.
CVE-2025-60724 - is a remote code execution (RCE) vulnerability in the Windows Graphics Device Interface (GDI), carrying a CVSSv3 score of 9.8 and rated Critical. Despite its severity, Microsoft has assessed the likelihood of exploitation as low. An attacker could exploit this flaw by tricking a user into downloading and opening a specially crafted file. The vulnerability stems from a heap-based buffer overflow, which can be triggered to execute arbitrary code on the victim’s system. The high CVSS score and potential for full code execution make this a priority for patching, especially in environments where users frequently handle external files.
CVE-2025-30398 - is a high-severity information disclosure vulnerability in Nuance PowerScribe 360, caused by missing authorization checks in its web-based API. This allows an unauthorized attacker to send crafted requests and retrieve sensitive data over the network. It has a CVSS score of 8.1.
Important
CVE-2025-59499 - is a high-severity SQL injection vulnerability in Microsoft SQL Server that allows privilege escalation over a network. The vulnerability stems from improper neutralization of special elements in SQL commands, commonly known as SQL injection. An authenticated attacker can exploit this flaw by injecting malicious SQL into a vulnerable query.
CVE-2025-60719, CVE-2025-62213, and CVE-2025-62217 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. All three are EoP vulnerabilities assigned CVSSv3 scores of 7.0 and assessed as “Exploitation More Likely.” A local, authenticated attacker could exploit these vulnerabilities to elevate to SYSTEM-level privileges.
CVE-2025-62204 - is a high-severity remote code execution vulnerability in Microsoft SharePoint Server, caused by unsafe deserialization of untrusted data. An attacker with low privileges can exploit this flaw by submitting specially crafted requests that trigger unsafe object deserialization, leading to arbitrary code execution on the server. This vulnerability is assigned a CVSSv3 score of 8.0 and assessed as “Exploitation Less Likely.”
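The Microsoft entries above carry three separate signals: confirmed exploitation, Microsoft's exploitability assessment, and CVSS score. The following added example (not from Microsoft or from the original post) ranks them for patching under an assumed policy that puts exploitation evidence ahead of score. Field values are copied from this page, `None` marks what the page does not state, and the `Advisory` type, tier order and function names are assumptions of this example.

```python
from typing import NamedTuple, Optional

class Advisory(NamedTuple):
    cve: str
    cvss: Optional[float]      # None: score not stated on this page
    exploited: bool            # True only where the page reports in-the-wild exploitation
    assessment: Optional[str]  # Microsoft exploitability assessment as summarised here

# Values copied from the Microsoft section of this page.
ADVISORIES = [
    Advisory("CVE-2025-62215", 7.0, True, None),
    Advisory("CVE-2025-62199", 7.8, False, "less likely"),
    Advisory("CVE-2025-60724", 9.8, False, "less likely"),  # page wording: likelihood "low"
    Advisory("CVE-2025-30398", 8.1, False, None),
    Advisory("CVE-2025-59499", None, False, None),
    Advisory("CVE-2025-60719", 7.0, False, "more likely"),
    Advisory("CVE-2025-62213", 7.0, False, "more likely"),
    Advisory("CVE-2025-62217", 7.0, False, "more likely"),
    Advisory("CVE-2025-62204", 8.0, False, "less likely"),
]

def tier(a: Advisory) -> int:
    """Assumed policy: exploitation evidence outranks score; unknown is not 'low'."""
    if a.exploited:
        return 0
    if a.assessment == "more likely":
        return 1
    if a.assessment is None:
        return 2
    return 3

def triage(advisories):
    """Order by tier, then CVSS descending; a missing score sorts as 10.0."""
    def key(a):
        score = 10.0 if a.cvss is None else a.cvss
        return (tier(a), -score, a.cve)
    return [a.cve for a in sorted(advisories, key=key)]

def highest_cvss(advisories):
    """CVE with the highest stated score, for comparison with triage()[0]."""
    scored = [a for a in advisories if a.cvss is not None]
    return max(scored, key=lambda a: a.cvss).cve

if __name__ == "__main__":
    print("CVSS-only first pick:", highest_cvss(ADVISORIES))
    for rank, cve in enumerate(triage(ADVISORIES), 1):
        print(rank, cve)
```

Sorting on score alone would put the 9.8 GDI flaw first, while this ordering leads with the exploited kernel flaw and the three WinSock driver flaws.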
Adobe
Adobe has released 8 patches this month, addressing 2 critical vulnerabilities.
The applications in question are:
Cisco
Cisco has published 7 advisories in November addressing vulnerabilities: 3 critical, 1 high, and 3 medium. The critical vulnerabilities are CVE-2025-20333, CVE-2025-20363, CVE-2025-20354, and CVE-2025-20358.
Check Point
Check Point addressed multiple security vulnerabilities in its November 2025 Patch Tuesday update highlighting serious vulnerabilities across widely used networking and IoT devices. These advisories underscore the persistent risks posed by command injection, buffer overflows, and unauthenticated access in embedded systems.
Ivanti
Ivanti has rolled out critical updates for Ivanti Endpoint Manager, addressing three high-severity vulnerabilities that pose serious risks to enterprise environments. If exploited, these flaws could allow a locally authenticated attacker to write arbitrary files anywhere on disk, potentially leading to privilege escalation or system compromise. The three high-severity vulnerabilities are CVE-2025-10918, CVE-2025-9713 and CVE-2025-11622; the last two resolved vulnerabilities were previously disclosed in October 2025.
SAP
SAP has released 18 new security notes and 2 updates to October security notes. 3 of these CVEs are rated Critical, 1 High and 14 Medium. The products affected by the Critical or High rated CVEs are
VMware
VMware has released a patch for vulnerabilities in the VMware Tanzu products. Many critical and high vulnerabilities were found in Tanzu for Kubernetes Runtime and VMware Tanzu Application Service. These vulnerabilities have been rated as Critical and have a CVSS score of 9.8.
To stay protected against emerging threats, it's essential to apply the latest security updates without delay. Timely patching helps safeguard systems from known vulnerabilities and minimizes exposure to potential exploits.
