Vulnerabilities
June Microsoft Patch Tuesday updates include an exploited flaw
Microsoft’s June Patch Tuesday updates addressed 66 vulnerabilities. Notably, one of them has been actively exploited, and one other has been publicly disclosed.
Researchers drew attention to an issue in Web Distributed Authoring and Versioning (WebDAV), tracked as CVE-2025-33053, that has been abused by an advanced persistent threat (APT) group known as Stealth Falcon, linked to the UAE. This flaw could allow remote execution of malicious code on the affected system.
The publicly disclosed flaw, CVE-2025-33073, affects the Windows Server Message Block (SMB) client. It could enable elevation of privilege, allowing threat actors to gain SYSTEM privileges on vulnerable devices. The flaw can be mitigated by enforcing server-side SMB signing via Group Policy.
Both flaws were rated as ‘Important’ with a CVSS score of 8.8/10.
Both flaws require user interaction to exploit and, for most organizations, will likely be part of a regular patching cycle. Taking the recommended mitigation path for CVE-2025-33073 can be done prior to patching.
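As an added example (not taken from the vendor advisory or the original article), the PowerShell below audits whether hosts already require SMB server signing, the mitigation named above for CVE-2025-33073. The host list is a constructed placeholder, remote checks assume PowerShell remoting is enabled, and the session is assumed to be elevated.

```powershell
# Added example: report whether the SMB *server* on each host requires signing.
# $Computers is a constructed placeholder list; replace it with your own inventory.
$Computers = @('localhost')

# Runs on the target host. Reads the effective SMB server setting and the
# registry value that the Group Policy setting
# "Microsoft network server: Digitally sign communications (always)" writes.
$check = {
    $cfg = Get-SmbServerConfiguration -ErrorAction Stop
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
    $reg = Get-ItemProperty -Path $key -Name RequireSecuritySignature `
               -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Computer      = $env:COMPUTERNAME
        Required      = [bool]$cfg.RequireSecuritySignature
        RegistryValue = $reg.RequireSecuritySignature   # $null if never set
        Error         = $null
    }
}

$results = foreach ($c in $Computers) {
    try {
        if ($c -in 'localhost', '.', $env:COMPUTERNAME) {
            & $check                                    # local host, no remoting needed
        } else {
            Invoke-Command -ComputerName $c -ScriptBlock $check -ErrorAction Stop
        }
    } catch {
        # Unreachable or access-denied hosts are reported as unknown, not as compliant.
        [pscustomobject]@{
            Computer      = $c
            Required      = $null
            RegistryValue = $null
            Error         = $_.Exception.Message
        }
    }
}

# Hosts that do not require signing (or could not be checked) sort first.
$results |
    Sort-Object { $_.Required -eq $true } |
    Format-Table Computer, Required, RegistryValue, Error -AutoSize

# Non-zero exit code if any host is not confirmed to require signing.
if ($results | Where-Object { $_.Required -ne $true }) { exit 1 }
```

Hosts reported with `Required` set to `False` are the ones where the Group Policy setting has not yet taken effect.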
June SAP Security Patch Day
SAP Security Patch Day addressed 14 new security issues, including a critical vulnerability, five high-severity flaws, six medium-severity bugs, and two low-severity issues.
The critical issue is tracked as CVE-2025-42989, and affects SAP NetWeaver Application Server for ABAP. It allows a bypass of authorization checks and elevation of privileges. It's been rated with a CVSS score of 9.6.
Researchers noted that organizations applying SAP’s note may need to assign additional S_RFC permissions to some users.
SAP NetWeaver Application appears to be an attractive target for threat actors and was noted as being exploited earlier this year. We recommend applying the latest updates to this product as soon as possible.