CISA Expands Its Known Exploited Vulnerabilities Catalog with Five New High-Risk CVEs
The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities Catalog with five new CVEs that have been actively exploited by threat actors. These vulnerabilities, identified in widely used enterprise software, represent significant attack vectors that pose serious risks, particularly to federal systems and critical infrastructure.

The New Vulnerabilities
The five newly added vulnerabilities are:

- CVE-2025-25181: Advantive VeraCore SQL Injection Vulnerability
  This flaw enables attackers to execute arbitrary SQL commands against vulnerable systems. Exploitation of this vulnerability could lead to unauthorized access or manipulation of sensitive data.
- CVE-2024-57968: Advantive VeraCore Unrestricted File Upload Vulnerability
  This vulnerability permits malicious actors to upload files without proper restrictions, potentially allowing harmful code to be executed on target systems.
- CVE-2024-13159: Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
- CVE-2024-13160: Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
- CVE-2024-13161: Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

These three issues, all affecting Ivanti Endpoint Manager, allow attackers to perform absolute path traversal, potentially accessing sensitive files and critical system components outside of the intended directories.
Why These Vulnerabilities Matter
These vulnerabilities are particularly concerning because they are frequent targets for cyberattacks, especially against federal and enterprise networks. Attackers leverage weaknesses like SQL injection, unrestricted file upload, and absolute path traversal to compromise systems, exfiltrate data, and establish persistence within networks. Such exploitation can lead to large-scale data breaches and expose organizations to significant monetary, reputational, and operational risks.

The Role of Binding Operational Directive (BOD) 22-01
In response to the growing threat posed by these and other vulnerabilities, the Binding Operational Directive (BOD) 22-01 was established to reduce the significant risk of known exploited vulnerabilities within the federal enterprise. Under BOD 22-01, all Federal Civilian Executive Branch (FCEB) agencies are required to remediate these vulnerabilities by an established due date in order to safeguard their networks against active threats. The directive's Fact Sheet provides detailed guidance on remediation steps and emphasizes the critical need for timely updates.

While BOD 22-01 applies specifically to FCEB agencies, CISA strongly urges all organizations not to delay remediation. Reducing exposure by patching these cataloged vulnerabilities is an essential component of any robust vulnerability management program.
A Living Catalog and the Path Forward
The Known Exploited Vulnerabilities Catalog is a dynamic, continuously updated list that specifies CVEs posing significant risks based on current threat activity. CISA will keep adding vulnerabilities to the catalog as long as they meet the specified risk criteria. Organizations, regardless of size, are advised to regularly consult the catalog and prioritize remediation based on the potential impact these vulnerabilities could have on their networks.

In conclusion, as cyber threats continue to evolve, the timely remediation of known exploited vulnerabilities is imperative. CISA's latest additions to the catalog serve as a pointed reminder for organizations, especially those in high-risk federal environments, to stay vigilant, patch promptly, and maintain robust security practices to protect against the ever-present threat of cyberattacks.
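As an added example (not part of the CISA notice), the routine below shows one way to consult the catalog programmatically: it parses a KEV-style JSON record, matches entries against a local asset inventory by vendor and product, and orders the hits by due date so the earliest deadline is handled first. The catalog record and inventory are constructed for this example; the field names follow CISA's public KEV JSON feed, the cveIDs come from the article, but the dueDate values are placeholders, not the real BOD 22-01 deadlines.

```python
"""Match a software inventory against CISA KEV catalog entries.

KEV_SAMPLE is CONSTRUCTED for this example. Field names follow the public KEV
JSON feed (cveID, vendorProject, product, dueDate); the cveIDs are the five from
the article, but the dueDate values are placeholders, not real deadlines.
"""
import json
from datetime import date

KEV_SAMPLE = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2025-25181", "vendorProject": "Advantive",
     "product": "VeraCore", "dueDate": "2025-03-31"},
    {"cveID": "CVE-2024-57968", "vendorProject": "Advantive",
     "product": "VeraCore", "dueDate": "2025-03-31"},
    {"cveID": "CVE-2024-13159", "vendorProject": "Ivanti",
     "product": "Endpoint Manager (EPM)", "dueDate": "2025-04-01"},
    {"cveID": "CVE-2024-13160", "vendorProject": "Ivanti",
     "product": "Endpoint Manager (EPM)", "dueDate": "2025-04-01"},
    {"cveID": "CVE-2024-13161", "vendorProject": "Ivanti",
     "product": "Endpoint Manager (EPM)", "dueDate": "2025-04-01"},
]})

# Constructed asset list: (hostname, vendor, product) as an inventory export.
INVENTORY = [
    ("erp-01", "Advantive", "VeraCore"),
    ("mgmt-01", "Ivanti", "Endpoint Manager"),
    ("web-01", "Apache", "HTTP Server"),  # not in the sample catalog: no hit
]


def load_kev(raw_json):
    """Parse the feed and return its list of vulnerability records."""
    return json.loads(raw_json)["vulnerabilities"]


def matches_for(entries, inventory):
    """Return (host, cveID, dueDate) for each catalog entry whose vendor equals
    the asset's vendor and whose product contains the asset's product name,
    earliest due date first so the list doubles as a remediation queue."""
    hits = []
    for host, vendor, product in inventory:
        for e in entries:
            if (e["vendorProject"].casefold() == vendor.casefold()
                    and product.casefold() in e["product"].casefold()):
                hits.append((host, e["cveID"], e["dueDate"]))
    return sorted(hits, key=lambda h: (h[2], h[1]))


def overdue(hits, today_iso):
    """Hits whose due date has already passed as of the given ISO date."""
    today = date.fromisoformat(today_iso)
    return [h for h in hits if date.fromisoformat(h[2]) < today]
```

Against a live feed, replace KEV_SAMPLE with the downloaded catalog JSON and INVENTORY with your asset export; a fuzzy product match like the substring test here should be reviewed rather than trusted blindly.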
For more detailed information on these vulnerabilities and the remediation guidelines, please visit the CISA Known Exploited Vulnerabilities Catalog and review the BOD 22-01 Fact Sheet.
Source: CISA, "CISA Adds Five Known Exploited Vulnerabilities to Catalog"