Good morning, ONSEC Cyber Daily readers! Today, we're diving deep into the world of cybersecurity, where vulnerabilities and exploits are the name of the game. We start with a critical zero-click RCE vulnerability in Microsoft Outlook (CVE-2025-21298), a proof of concept exploit that's been released, making it a hot topic in the cybersecurity community. Next, we turn our attention to Aviat Networks, who are stepping up their cybersecurity game with a new Software Vulnerability Alert (SVA) service. This move is a response to the increasing number of cyber threats and is designed to strengthen their software and meet cybersecurity requirements. But it's not all smooth sailing in the cybersecurity world. We've got a list of five red flags that could indicate your business is at risk. From running outdated operating systems to chained vulnerabilities exploited in Ivanti Cloud Service Appliances, we're covering it all. In other news, Google has issued a high-severity security warning for billions of Chrome browser users. And if you're a Fortinet admin, you might want to pay attention - nearly 50K devices have been left unpatched and are being widely exploited. Finally, we've got a roundup of the latest patches and updates, including fixes for Cisco's Meeting Management tool, SonicWall's suspected zero-day bug, and ClamAV's critical security patch updates. Stay tuned for more updates and remember, stay safe in the cyber world!

Exploits Alert

1. PoC Exploit Released For Critical Microsoft Outlook (CVE-2025-21298) Zero-Click RCE Vulnerability: A proof-of-concept exploit has been released for a critical zero-click remote code execution vulnerability in Microsoft Outlook. This vulnerability could allow attackers to take control of an affected system. Source: cybersecuritynews.com
2. Aviat Networks Strengthens Software Cybersecurity Offering: Aviat Networks has launched advanced cybersecurity initiatives, including 24-hour vulnerability alerts and secure software development lifecycle, to strengthen its software and meet the latest security requirements. Source: eagletribune.com
3. Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances: Chained vulnerabilities in Ivanti Cloud Service Appliances have been exploited, with attacks linked to a suspected China-linked cyberespionage operation. The vulnerabilities have been examined in a joint advisory by CISA and FBI. Source: infosecurity-magazine.com
4. ClamAV File Decryption Vulnerability Let Remote Attackers Trigger DoS Attack: A significant vulnerability in ClamAV's Object Linking and Embedding 2 (OLE2) decryption routine has been identified by Cisco. This vulnerability could allow remote attackers to trigger a Denial of Service (DoS) attack. Source: cybersecuritynews.com
5. New Google Chrome Security Warning For 3 Billion Users—Act Now: Google has issued a high-severity security warning for billions of Chrome browser users across Windows, Mac, Linux, and Android. Users are advised not to ignore this warning and act immediately. Source: forbes.com

Vulnerabilities & Patches

1. Critical Zero-Click Vulnerability in Windows OLE (CVE-2025-21298): Microsoft has patched a severe zero-click RCE vulnerability in Windows OLE. The vulnerability, rated 9.8 on CVSS, could allow attackers to compromise systems without user interaction. Source: Cyber Kendra, Cybersecurity News
2. Cisco Meeting Management Critical Vulnerability (No CVE provided): Cisco has released a patch for a critical 9.9-rated vulnerability in its Meeting Management tool. The bug could allow an attacker to gain admin privileges. No in-the-wild exploits have been reported yet. Source: MSN
3. Chained Vulnerabilities in Ivanti Cloud Service Appliances (CVE-2024-8963, CVE-2024-9379, CVE-2024-8190): Multiple vulnerabilities in Ivanti Cloud Service Appliances have been exploited in chained attacks. Users are advised to upgrade to the latest supported version to patch known vulnerabilities. Source: Bleeping Computer, Infosecurity Magazine
4. SonicWall Zero-Day Vulnerability (CVE-2025-23006): SonicWall has released patches for a critical zero-day vulnerability in SMA 1000 appliances. Rated 9.8 CVSS, the flaw is likely being actively exploited, and users are urged to patch immediately. Source: The Register, The Hacker News
5. ClamAV Buffer Overflow Vulnerability (CVE-2025-20128): Open-source antivirus solution ClamAV has released a critical security patch addressing a buffer overflow vulnerability in the OLE2 file parser. Users are advised to update to the latest version. Source: Cybersecurity News, GBHackers

Podcasts

1. Cyber Uncut: In this episode, hosts David Hollingworth and Daniel Croft discuss their experiences reporting on cybercrime throughout the week. They cover topics such as the false alarm of JB Hi-Fi being hacked, the ongoing activities of hacktivists, and Trump's controversial stance on cybersecurity. Source: CyberDaily
2. Atlanta News First: A cybersecurity expert warns of a new scam targeting PayPal users. The scam involves emails and links that appear legitimate, tricking users into giving scammers access to their PayPal accounts. Source: AtlantaNewsFirst
3. Generative AI in the Real World: Chloé Messdaghi discusses AI security, policy, and regulation. She emphasizes the importance of being aware of available resources and expects to see AI security certifications and training in the near future. Source: O'Reilly
4. If and When Should a CISO Have a Long Term Security Plan?: This podcast discusses the importance of having a long-term security plan for CISOs. The hosts, Mike Johnson and David Spark, suggest that if a CISO does not have a plan, they should start developing one. Source: CISOSeries

Bonus from Onsec Team:

Top 10 Retro Hacking & Cyberpunk Games. 💾⚡

Final Words

That's a wrap for today's edition of 'ONSEC Cyber Daily'. We've covered everything from the latest PoC exploit for a critical Microsoft Outlook vulnerability, to the strengthening of Aviat Networks' software cybersecurity offering, and the warning signs that your business might be at risk. Remember, the cyber world is constantly evolving, and staying informed is your first line of defense. Share this newsletter with your friends and colleagues to help them stay ahead of the curve too. Keep your systems updated, your data secure, and your mind open to new information. We'll be back tomorrow with more cybersecurity news and insights. Until then, stay safe and secure!

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)