There is one interesting vulnerability that has already been exploited, he said: CVE-2025-30397. This vulnerability (detailed above by Walters) is only exploitable if Microsoft Edge is operating in “Internet Explorer” mode. By default, Edge does not run in Internet Explorer mode, but there may be cases, in particular on workstations used by system administrators and developers, where it’s appropriate to enable this mode, Ullrich said. Configuration management should be used to prevent this mode from being enabled unless it is specifically required for a particular use case, he said.
“Luckily,” Ullrich added, “the vulnerability that, in my opinion, has the most ‘potential’ for attackers, CVE-2025-29831, is only exploitable while the RDP service is restarted. Unless the attacker is able to trigger a restart, this vulnerability will likely not be exploitable. But it yet again highlights the importance of RDP servers.”
SAP, Zoom patches
Separately, SAP released 18 Security Notes ranging from critical authorization issues to remote code execution, information disclosure, and cross-site scripting.