CISA Adds Seven Known Exploited Vulnerabilities to Catalog
Strategic Summary
CISA's catalog indicates these vulnerabilities are actively exploited in the wild, elevating them from theoretical to immediate threats requiring prioritized remediation.
Full text
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
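The practical step behind "prioritizing timely remediation of KEV Catalog vulnerabilities" is to join your scanner output against the catalog feed and surface the findings that carry a KEV due date. The script below is an added example, not CISA's code. It assumes the catalog's JSON feed at https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json with the field names cveID, vendorProject, product, dueDate and knownRansomwareCampaignUse; the embedded sample catalog and the sample scan findings are constructed for the example (the CVE IDs are those named in this advisory's mapping table, but the dates, descriptions and product strings are placeholders, not the catalog's real values).

```python
"""Triage vulnerability-scan findings against the CISA KEV catalog.

Added example, not CISA's own tooling. SAMPLE_KEV_JSON below is a constructed
stand-in for the live feed: same shape, placeholder dates and text.
"""
import json
from datetime import date
from urllib.request import urlopen

# Real feed location; fetch_kev() is provided for live use but is not called
# by the offline demonstration at the bottom.
KEV_FEED_URL = ("https://www.cisa.gov/sites/default/files/feeds/"
                "known_exploited_vulnerabilities.json")

# Constructed sample catalog. CVE IDs are from the advisory above; every
# other value (dates, product names, text) is a placeholder.
SAMPLE_KEV_JSON = json.dumps({
    "catalogVersion": "example",
    "count": 3,
    "vulnerabilities": [
        {"cveID": "CVE-2023-21529", "vendorProject": "Microsoft",
         "product": "Exchange Server", "dateAdded": "2026-01-17",
         "dueDate": "2026-01-31", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2026-21643", "vendorProject": "Fortinet",
         "product": "placeholder", "dateAdded": "2026-02-06",
         "dueDate": "2026-02-20", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-60710", "vendorProject": "Microsoft",
         "product": "Windows", "dateAdded": "2026-02-06",
         "dueDate": "2026-02-27", "knownRansomwareCampaignUse": "Unknown"},
    ],
})

# Constructed scan output: one row per (host, CVE), as a scanner export would give.
SAMPLE_FINDINGS = [
    {"host": "mail01.example.internal", "cve": "CVE-2023-21529"},
    {"host": "fw-edge.example.internal", "cve": "cve-2026-21643"},  # lowercase on purpose
    {"host": "ws-042.example.internal", "cve": "CVE-2012-1854"},    # not in the 3-entry sample
]


def fetch_kev(url=KEV_FEED_URL, timeout=30):
    """Download and parse the live catalog (network access required)."""
    with urlopen(url, timeout=timeout) as resp:
        return json.load(resp)


def load_kev(text):
    """Parse catalog JSON text (the feed or a saved copy)."""
    return json.loads(text)


def index_kev(catalog):
    """Map upper-cased CVE ID -> catalog entry for O(1) lookups."""
    return {v["cveID"].upper(): v for v in catalog["vulnerabilities"]}


def triage(findings, kev_index, today):
    """Return the findings that are in KEV, most urgent first.

    `today` is an ISO date string. days_left is negative when the BOD 22-01
    due date has already passed; findings not in the catalog are dropped.
    """
    today_d = date.fromisoformat(today)
    hits = []
    for f in findings:
        entry = kev_index.get(f["cve"].strip().upper())
        if entry is None:
            continue
        due = date.fromisoformat(entry["dueDate"])
        hits.append({
            "host": f["host"],
            "cve": entry["cveID"],
            "product": f"{entry['vendorProject']} {entry['product']}",
            "due": due.isoformat(),
            "days_left": (due - today_d).days,
            "overdue": due < today_d,
            "ransomware": entry.get("knownRansomwareCampaignUse", "Unknown"),
        })
    # Earliest (or most overdue) due date first; host name breaks ties.
    hits.sort(key=lambda h: (h["days_left"], h["host"]))
    return hits


if __name__ == "__main__":
    kev = index_kev(load_kev(SAMPLE_KEV_JSON))
    for h in triage(SAMPLE_FINDINGS, kev, "2026-02-05"):
        flag = "OVERDUE" if h["overdue"] else f"{h['days_left']}d left"
        print(f"{h['host']:28} {h['cve']:16} {h['product']:24} due {h['due']} {flag}")
```

For live use, replace `load_kev(SAMPLE_KEV_JSON)` with `fetch_kev()` and feed it your scanner's CVE export; the catalog is small enough to index in memory on every run.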
Mentioned CVEs
Risk Score
- cvss base: 78.00
- kev bonus: 20.00
- epss bonus: 10.00
- poc bonus: 15.00
- raw before weight: 123.00
- industry weight: 1.30
Path: operational
MITRE ATT&CK Mapping
5 TTPs
Procedure details
| Technique | Tactic | Procedure | Confidence | Source |
|---|---|---|---|---|
| T1574.001 DLL Search Order Hijacking | Persistence | CVE-2012-1854 involves Microsoft Visual Basic for Applications insecure library loading, where attackers exploit unsafe DLL search order to load malicious libraries. | high | llm |
| T1203 Exploitation for Client Execution | Execution | CVE-2020-9715 (Adobe Acrobat Use-After-Free) and CVE-2026-34621 (Adobe Acrobat Prototype Pollution) are client-side application vulnerabilities exploited when users open malicious documents. | high | llm |
| T1190 Exploit Public-Facing Application | Initial Access | CVE-2023-21529 targets Microsoft Exchange Server via deserialization of untrusted data, and CVE-2026-21643 exploits a Fortinet SQL Injection vulnerability, both targeting publicly accessible services. | high | llm |
| T1068 Exploitation for Privilege Escalation | Privilege Escalation | CVE-2023-36424 (Windows Out-of-Bounds Read) and CVE-2025-60710 (Windows Link Following) are Windows vulnerabilities actively exploited to escalate privileges on compromised systems. | high | llm |
| T1211 Exploitation for Defense Evasion | Defense Evasion | CVE-2025-60710 involves Windows Link Following behavior that can be leveraged to bypass security controls or redirect file operations to gain unauthorized access. | medium | llm |