Key Cybersecurity Vulnerabilities Disclosed in February 2025

February 2025 witnessed the disclosure and patching of numerous high-impact security vulnerabilities across various platforms, including operating systems, enterprise software, and widely-used web applications. This article provides a categorized overview of the most critical vulnerabilities—especially those with high CVSS scores (above 8.0), active exploitation in the wild, or broad user impact. Each entry includes CVE identifiers, severity ratings, exploitation status, and reliable references for further reading.


Microsoft Windows & Office Vulnerabilities

CVE-2025-21418 – Local Privilege Escalation in WinSock Driver

A zero-day vulnerability in the Windows Ancillary Function Driver for WinSock allowed authenticated local attackers to gain SYSTEM-level privileges by executing crafted binaries. Actively exploited and patched in the February 2025 Patch Tuesday release.
CVSS Score: 7.8

CVE-2025-21391 – Windows Storage Elevation of Privilege

A second zero-day affecting the Windows Storage component allowed deletion of arbitrary system files, potentially leading to denial of service or privilege escalation.
CVSS Score: 7.1

CVE-2025-21376 – Critical Remote Code Execution in Windows LDAP

A wormable RCE vulnerability in the Windows LDAP service enabled attackers to execute arbitrary code remotely without user interaction.
CVSS Score: 8.1

CVE-2025-21381 & CVE-2025-21387 – Microsoft Excel RCE Flaws

Multiple vulnerabilities in Microsoft Excel permitted RCE through malicious documents or even previews in Outlook.
CVSS Scores: ~7.8


Linux Kernel & Open-Source Software

CVE-2024-53104 – Out-of-Bounds Write in Linux Kernel

A severe kernel-level vulnerability affecting UVC drivers allowed attackers to perform out-of-bounds writes. Exploited in the wild and flagged by CISA on February 5.

CVE-2025-0622 & CVE-2025-0624 – Critical GRUB2 Bootloader Bugs

GRUB2 vulnerabilities allowed attackers to bypass Secure Boot via use-after-free and OOB write bugs in GPG and network boot modules.


Apple macOS/iOS Vulnerabilities

CVE-2025-24085 – iOS/macOS CoreMedia Zero-Day

A use-after-free bug in CoreMedia actively exploited to elevate privileges on pre-iOS 17.2 devices. Patched in iOS 18.3/macOS 15.3.

CVE-2025-24200 – USB Restricted Mode Bypass

A physically exploitable flaw allowed attackers to disable USB Restricted Mode on locked iPhones.
CVSS Score: 4.6


Network Infrastructure: Cisco & Fortinet

CVE-2025-20124 & CVE-2025-20125 – Cisco ISE Critical Bugs

Two severe vulnerabilities allowed authenticated users to gain root shell or bypass authorization on Cisco ISE.
CVSS Scores: 9.9 & 9.1

CVE-2024-55591 – Fortinet Zero-Day Authentication Bypass

Exploited in the wild, this zero-day in FortiOS/FortiProxy allowed attackers to achieve super-admin access via WebSocket manipulation.


Application-Level & Web Platform Vulnerabilities

February 2025 Adobe Updates – 45 Vulnerabilities Patched

Adobe issued patches for InDesign, Illustrator, InCopy, Photoshop Elements, and Adobe Commerce (Magento). Several critical RCEs were addressed.

CVE-2025-29927 – Next.js Authentication Bypass

A middleware logic flaw in Next.js (v13.0.0–13.5.8) allowed attackers to bypass auth via crafted headers.

CVE-2025-24752 – Reflected XSS in WordPress Elementor Addon

Over 2 million WordPress sites using “Essential Addons for Elementor” were at risk from a high-severity XSS bug via unsanitized popup-selector input.


Final Recommendations

  • Apply all relevant patches immediately, especially for actively exploited zero-days.

  • Validate exploit mitigations in enterprise environments.

  • Monitor threat intelligence sources such as CISA, ZDI, and vendor advisories regularly.

  • For high-risk infrastructure, consider implementing virtual patching, network segmentation, and enhanced logging until patches can be verified.