- What: Zabbix has disclosed three security vulnerabilities affecting its monitoring agents and servers.
- Impact: The most critical vulnerability, CVE-2025-27237, allows local attackers to escalate privileges in Windows environments.
- Affected: Zabbix Agent and Agent 2 for Windows are affected by CVE-2025-27237.
- CVE: CVE-2025-27237, CVE-2025-49641, CVE-2025-27231
- CVSS: 7.3 (CVE-2025-27237)

Cyber Threat Intelligence, Emergency Announcement

Zabbix releases fixes for three vulnerabilities in monitoring agents

10/08/2025

Zabbix has disclosed three security vulnerabilities affecting multiple versions of its monitoring agents and servers. The most critical, identified as CVE-2025-27237, has a CVSS score of 7.3 (high severity) and allows local attackers to escalate privileges in Windows environments. The other two vulnerabilities, CVE-2025-49641 and CVE-2025-27231, are rated as medium severity and involve unauthorized access control issues.

Vulnerability details

CVE-2025-27237 affects Zabbix Agent and Agent 2 for Windows. The flaw is related to the loading of the OpenSSL configuration file from a path that can be modified by low-privileged users, allowing malicious modifications and potential local privilege escalation through DLL injection.

CVE-2025-49641 allows a regular Zabbix user without access to the Monitoring → Problems view to still call the problem.view.refresh action and retrieve a list of active problems.

CVE-2025-27231 involves the leakage of the LDAP connection password when a super administrator changes the LDAP host to an unauthorized server.

Affected versions and patches

The affected versions include 6.0.0 to 6.0.40, 7.0.0 to 7.0.17, 7.2.0 to 7.2.11, and 7.4.0 to 7.4.1 of Zabbix Agent, Agent 2, and Server. Zabbix has released patches in versions 6.0.41, 7.0.18, 7.2.12, and 7.4.2 for all three vulnerabilities.

In this context, SEK recommends:

- Testing the updates in non-production environments before deploying to production.
- Immediately updating Zabbix Agent, Agent 2, and Server to the fixed versions provided by the vendor.
- Reviewing Zabbix user access permissions and applying the principle of least privilege to minimize the attack surface.
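
The affected ranges and fixed releases listed above can be applied to an asset inventory to find instances that still need the update. The following is an added example, not part of the SEK advisory or of Zabbix's tooling; the CSV layout, host names and status labels are assumptions, and builds with a pre-release suffix are flagged for manual review rather than classified.

```python
import csv
import io
import re

# Branch -> (last affected patch level, first fixed release), from the advisory.
BRANCHES = {
    (6, 0): (40, "6.0.41"),
    (7, 0): (17, "7.0.18"),
    (7, 2): (11, "7.2.12"),
    (7, 4): (1, "7.4.2"),
}
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(\S*)$")

def assess(version):
    """Classify one version string; returns (status, fixed_release)."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return ("unparsed", None)
    branch = (int(m.group(1)), int(m.group(2)))
    if branch not in BRANCHES:
        return ("not-listed", None)      # branch not covered by the advisory
    last_affected, fixed = BRANCHES[branch]
    if m.group(4):                       # rc/beta suffix: assumption, check by hand
        return ("review", fixed)
    status = "affected" if int(m.group(3)) <= last_affected else "fixed"
    return (status, fixed)

def triage(inventory_csv):
    """Return one finding per inventory row that still needs attention."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        status, fixed = assess(row["version"])
        if status == "fixed":
            continue
        # Per the advisory, CVE-2025-27237 applies to Agent and Agent 2 on Windows.
        windows_lpe = (status == "affected" and row["os"] == "windows"
                       and row["component"] in ("agent", "agent2"))
        findings.append((row["host"], status, fixed, windows_lpe))
    return findings

# Constructed sample inventory (hypothetical hosts and column layout).
SAMPLE = """host,component,os,version
mon-srv-01,server,linux,7.0.17
win-app-07,agent2,windows,7.2.11
win-db-02,agent,windows,6.0.41
lnx-db-03,agent,linux,7.4.1
win-old-09,agent,windows,5.0.30
win-test-04,agent2,windows,7.4.2rc1
"""
```

Calling `triage(SAMPLE)` returns tuples of host, status, target release and a flag marking Windows agents exposed to the local privilege escalation; rows reported as `not-listed` are on branches the advisory does not mention and need a separate check.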
SEK is actively monitoring this situation and remains available to assist clients with the implementation of fixes, impact assessment, and proactive identification of vulnerable instances.