Cyber Threat Digest – 2025-09-14

🔥 Known Exploited Vulnerabilities (CISA KEV)

8 exploited vulns of note.

• CVE-2025-5086 — Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability — Dassault Systèmes DELMIA Apriso (Added: 2025-09-11) — Details
• CVE-2025-38352 — Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability — Linux Kernel (Added: 2025-09-04) — Details
• CVE-2025-48543 — Android Runtime Use-After-Free Vulnerability — Android Runtime (Added: 2025-09-04) — Details
• CVE-2025-53690 — Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability — Sitecore Multiple Products (Added: 2025-09-04) — Details
• CVE-2023-50224 — TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability — TP-Link TL-WR841N (Added: 2025-09-03) — Details
• CVE-2025-9377 — TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability — TP-Link Multiple Routers (Added: 2025-09-03) — Details
• CVE-2020-24363 — TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability — TP-Link TL-WA855RE (Added: 2025-09-02) — Details
• CVE-2025-55177 — Meta Platforms WhatsApp Incorrect Authorization Vulnerability — Meta Platforms WhatsApp (Added: 2025-09-02) — Details

---

⚠️ Recent CVEs (NVD)

Latest CVEs with CVSS badges.

• CVE-2025-10366 — A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/inc.setWlanIpMail.php. This manipulation of the argument Email a… MEDIUM 5.1 — Details
• CVE-2025-10367 — A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/cardEdit.php. Such manipulat… MEDIUM 5.1 — Details
• CVE-2025-10368 — A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is some unknown functionality of the file /htdocs/manageFilesFolders.php. Performing mani… MEDIUM 5.1 — Details
• CVE-2025-10369 — A vulnerability was determined in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This affects an unknown part of the file /htdocs/cardRegisterNew.php. Executing manipulation can lead to cr… MEDIUM 5.1 — Details
• CVE-2025-10370 — A vulnerability was identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This vulnerability affects unknown code of the file /htdocs/userScripts.php. The manipulation of the argume… MEDIUM 5.1 — Details
• CVE-2025-10371 — A security flaw has been discovered in eCharge Hardy Barth Salia PLCC 2.2.0. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrf… MEDIUM 6.9 — Details

---

📰 Security News

Top headlines from trusted sources.

• New HybridPetya ransomware can bypass UEFI Secure Boot
  — Fri, 12 Sep 2025 17:18:07 GMT
• CISA warns of actively exploited Dassault RCE vulnerability
  — Fri, 12 Sep 2025 16:19:39 GMT
• Windows 11 23H2 Home and Pro reach end of support in 60 days
  — Fri, 12 Sep 2025 16:15:22 GMT
• The first three things you'll want during a cyberattack
  — Fri, 12 Sep 2025 14:02:12 GMT
• Man gets over 4 years in prison for selling unreleased movies
  — Fri, 12 Sep 2025 11:36:22 GMT
• Samsung patches actively exploited zero-day reported by WhatsApp
  — Fri, 12 Sep 2025 09:48:30 GMT