(TLP:CLEAR) Weekly Vulnerabilities to Prioritize – October 16, 2025
Created: Thursday, October 16, 2025 - 15:00
Categories: Cybersecurity, Security Preparedness
The below vulnerabilities have been identified by WaterISAC analysts as important for water and wastewater utilities to prioritize in their vulnerability management efforts. WaterISAC shares critical vulnerabilities that affect widely used products and may be under active exploitation. WaterISAC draws additional awareness in alerts and advisories when vulnerabilities are confirmed to be impacting, or have a high likelihood of impacting, water and wastewater utilities. Members are encouraged to regularly review these vulnerabilities, many of which are often included in CISA’s Known Exploited Vulnerabilities (KEV) Catalog.
SKYSEA Client View Improper Authentication Vulnerability
CVSS Score: N/A
CVE: CVE-2016-7836
Description: SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program. CISA has added this vulnerability to its KEV catalog.
Source: http://www.skyseaclientview.net/news/161221/
Rapid7 Velociraptor Incorrect Default Permissions Vulnerability
CVSS: 5.5
CVE: CVE-2025-6264
Description: This vulnerability can lead to arbitrary command execution and endpoint takeover. To successfully exploit this vulnerability the user must already have access to collect artifacts from the endpoint. CISA has added this vulnerability to its KEV catalog.
Source: https://docs.velociraptor.app/announcements/advisories/cve-2025-6264/
Microsoft Windows Untrusted Pointer Dereference
CVSS: 7.8
CVE: CVE-2025-24990
Description: Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware. CISA has added this vulnerability to its KEV catalog.
Source: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24990
IGEL OS Use of a Key Past its Expiration Date Vulnerability
CVSS: N/A
CVE: CVE-2025-47827
Description: In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image. CISA has added this vulnerability to its KEV catalog.
Source: https://github.com/Zedeldi/igelfs
Microsoft Windows Improper Access Control Vulnerability
CVSS Score: 7.8
CVE: CVE-2025-59230
Description: Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. CISA has added this vulnerability to its KEV catalog.
Source: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59230