Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Source URL: https://www.cisa.gov/news-events/alerts/2025/02/18/cisa-adds-two-known-exploited-vulnerabilities-catalog
Source: Alerts
Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Feedly Summary: CISA has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

CVE-2025-0108 Palo Alto PAN-OS Authentication Bypass Vulnerability
CVE-2024-53704 SonicWall SonicOS SSLVPN Improper Authentication Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

AI Summary and Description: Yes

Summary: CISA’s update of the Known Exploited Vulnerabilities Catalog adds two vulnerabilities, one in Palo Alto PAN-OS and one in SonicWall SonicOS SSLVPN, both added on evidence of active exploitation. The alert restates the BOD 22-01 remediation obligation for federal agencies and urges every other organization to prioritize the same entries in its own vulnerability management.

Detailed Description:

– The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities Catalog by adding two significant vulnerabilities:
  – **CVE-2025-0108**: An authentication bypass vulnerability in Palo Alto’s PAN-OS.
  – **CVE-2024-53704**: An improper authentication vulnerability affecting SonicWall’s SonicOS SSLVPN.

– CISA notes that vulnerabilities of this type (authentication bypasses in internet-facing perimeter devices) are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

– **Binding Operational Directive (BOD) 22-01**: This directive focuses on reducing the significant risks associated with known exploited vulnerabilities. Key aspects include:
  – Establishment of the Known Exploited Vulnerabilities Catalog, which acts as a living list of CVEs posing significant risk to federal organizations.
  – Mandates that Federal Civilian Executive Branch (FCEB) agencies must remediate identified vulnerabilities by the due date listed for each entry to enhance their defenses against ongoing cyber threats.
  – While BOD 22-01 is binding only on FCEB agencies, CISA encourages all organizations to prioritize the remediation of catalogued vulnerabilities as part of their vulnerability management practice.

– CISA will continue to add entries that meet the catalog’s criteria, so the list grows over time and must be re-checked rather than read once.

– **Implications for Security and Compliance Professionals**:
  – Organizations should continuously monitor the Known Exploited Vulnerabilities Catalog for new entries (CISA publishes it as a JSON feed and CSV in addition to the web page, which makes automated diffing practical).
  – Remediation of catalogued entries should be driven by the catalog’s due dates and integrated into routine vulnerability management rather than handled ad hoc.
  – Because every catalog entry has evidence of exploitation in the wild, prioritizing these over severity score alone reduces the exposure that attackers are actually using, not just theoretical risk.
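The monitoring and prioritization advice above, turned into a runnable check. This is an added example, not CISA’s code or any vendor tooling. The KEV feed URL and field names are those of CISA’s real JSON feed; the entry text, due dates, hostnames, the scanner export, and the placeholder identifier CVE-2024-99999 are constructed for the example and are not catalog data.

```python
"""Cross-reference a KEV feed excerpt against vulnerability-scanner findings.

Added example (not CISA's code). SAMPLE_KEV_JSON is a constructed excerpt that
follows the field layout of the real feed at
https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json;
descriptions, required actions and due dates below are illustrative, not
copied from the catalog. SAMPLE_FINDINGS is a constructed scanner export.
"""
import json
from datetime import date
from typing import Dict, List

SAMPLE_KEV_JSON = """
{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "catalogVersion": "2025.02.18",
  "dateReleased": "2025-02-18T00:00:00.0000Z",
  "count": 2,
  "vulnerabilities": [
    {
      "cveID": "CVE-2025-0108",
      "vendorProject": "Palo Alto Networks",
      "product": "PAN-OS",
      "vulnerabilityName": "Palo Alto Networks PAN-OS Authentication Bypass Vulnerability",
      "dateAdded": "2025-02-18",
      "shortDescription": "Authentication bypass vulnerability in PAN-OS (illustrative wording).",
      "requiredAction": "Apply mitigations per vendor instructions (illustrative wording).",
      "dueDate": "2025-03-11",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": ""
    },
    {
      "cveID": "CVE-2024-53704",
      "vendorProject": "SonicWall",
      "product": "SonicOS",
      "vulnerabilityName": "SonicWall SonicOS SSLVPN Improper Authentication Vulnerability",
      "dateAdded": "2025-02-18",
      "shortDescription": "Improper authentication vulnerability in SonicOS SSLVPN (illustrative wording).",
      "requiredAction": "Apply mitigations per vendor instructions (illustrative wording).",
      "dueDate": "2025-03-11",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": ""
    }
  ]
}
"""

# Constructed scanner export: hostname -> CVE IDs reported on that host.
# CVE-2024-99999 is a placeholder, not a real identifier; it stands in for
# any finding that is not in the catalog.
SAMPLE_FINDINGS = {
    "fw-edge-01": ["CVE-2025-0108", "CVE-2024-99999"],
    "vpn-dmz-02": ["CVE-2024-53704"],
    "app-web-03": ["CVE-2024-99999"],
}

# Assumed "today" so the example is deterministic.
REFERENCE_DATE = date(2025, 2, 25)


def load_kev(raw: str) -> Dict[str, dict]:
    """Parse a KEV feed document and index its entries by CVE ID."""
    feed = json.loads(raw)
    return {entry["cveID"]: entry for entry in feed["vulnerabilities"]}


def added_since(kev: Dict[str, dict], since: date) -> List[str]:
    """CVE IDs added to the catalog on or after `since` (a simple change watch)."""
    return sorted(
        cve for cve, entry in kev.items()
        if date.fromisoformat(entry["dateAdded"]) >= since
    )


def prioritize(kev: Dict[str, dict], findings: Dict[str, List[str]],
               today: date = REFERENCE_DATE) -> List[dict]:
    """Keep only findings present in the catalog, ordered by BOD 22-01 due date.

    Each row carries the due date, days remaining (negative when overdue) and
    the vendor/product name from the catalog so a ticket can name the asset.
    """
    rows = []
    for host, cves in findings.items():
        for cve in cves:
            entry = kev.get(cve)
            if entry is None:
                continue  # not known-exploited: handle under the normal SLA
            due = date.fromisoformat(entry["dueDate"])
            rows.append({
                "host": host,
                "cve": cve,
                "product": f'{entry["vendorProject"]} {entry["product"]}',
                "due": due,
                "days_left": (due - today).days,
                "overdue": today > due,
            })
    rows.sort(key=lambda r: (r["due"], r["host"], r["cve"]))
    return rows


if __name__ == "__main__":
    kev = load_kev(SAMPLE_KEV_JSON)
    print("added since 2025-02-18:", added_since(kev, date(2025, 2, 18)))
    for row in prioritize(kev, SAMPLE_FINDINGS):
        flag = "OVERDUE" if row["overdue"] else f'{row["days_left"]}d left'
        print(f'{row["host"]:12} {row["cve"]:15} {row["product"]:26} due {row["due"]} ({flag})')
```

In production the feed would be fetched over HTTPS and `dateAdded` compared against the last run’s catalog version; matching on CVE ID is the only reliable join, since the catalog carries vendor and product names but no version ranges, so the scanner or SBOM data still has to establish whether a given host is affected.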

By recognizing the importance of CISA’s updates and adhering to recommended practices, security professionals can strengthen their defenses against potential exploitation.