Intelligence Report

CVE Tracker

11 Oct 2025 – 25 Oct 2025

Total

High

Moderate

Bottom Line

Top priority CVEs this cycle: CVE-2025-20333 (Cisco ASA/FTD), CVE-2025-25257 (Fortinet FortiWeb), and CVE-2025-32433 (Erlang/OTP SSH) — selected for widespread deployment and demonstrated exploit readiness.

Access Type Distribution

Non-stealer IAB activity, past two weeks

Fortinet VPN

40%

Cisco VPN

25.7%

RDP

11.4%

RDWeb

8.6%

SonicWall VPN

5.7%

Other

8.6%

Key Finding

Fortinet VPN = 40% of access sales

Combined with Cisco VPN (25.7%), network perimeter devices represent the primary IAB target. Patch and enforce MFA.

Get Alerts When Your Org Is Mentioned

Bi-weekly CVE reports + real-time alerts when your attack surface appears in underground discussions.