Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog

Source URL: https://www.cisa.gov/news-events/alerts/2025/01/14/cisa-adds-four-known-exploited-vulnerabilities-catalog
Source: Alerts
Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog

Feedly Summary: CISA has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

CVE-2024-55591 Fortinet FortiOS Authorization Bypass Vulnerability
CVE-2025-21333 Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability
CVE-2025-21334 Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
CVE-2025-21335 Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

AI Summary and Description: Yes

Summary: The text discusses the addition of four new vulnerabilities to the CISA Known Exploited Vulnerabilities Catalog, emphasizing their risk to federal agencies and the importance of timely remediation to mitigate cyber threats.

Detailed Description: The recent addition of vulnerabilities to the CISA Known Exploited Vulnerabilities Catalog serves as a critical alert for organizations, particularly those in the federal sector, regarding ongoing cyber threats. Key points include:

– **Listed Vulnerabilities**:
  – **CVE-2024-55591**: A Fortinet FortiOS Authorization Bypass vulnerability.
  – **CVE-2025-21333**: A Microsoft Windows Hyper-V NT Kernel integration heap-based buffer overflow vulnerability.
  – **CVE-2025-21334**: A Microsoft Windows Hyper-V NT Kernel integration use-after-free vulnerability.
  – **CVE-2025-21335**: Another use-after-free vulnerability associated with Microsoft Windows Hyper-V NT Kernel integration.

– **Impacts and Risks**:
  – These vulnerabilities are highlighted as frequent attack vectors for cybercriminals, indicating their significant potential to disrupt federal networks.
  – A proactive approach to addressing these vulnerabilities is vital in reducing the attack surface against malicious actors.

– **Binding Operational Directive (BOD) 22-01**:
  – This directive established the Known Exploited Vulnerabilities Catalog as a living document to track high-risk CVEs that could affect federal agencies.
  – The directive mandates that Federal Civilian Executive Branch (FCEB) agencies address listed vulnerabilities by specified deadlines to maintain robust cybersecurity postures.

– **Recommendations for Organizations**:
  – Although BOD 22-01 targets federal entities, CISA advocates that all organizations should actively prioritize the identification and remediation of catalog vulnerabilities to enhance their cybersecurity framework.
  – Continuous updates to the catalog will require organizations to maintain vigilant and responsive vulnerability management practices.

This text is highly relevant to security and compliance professionals who focus on vulnerability management, particularly in governmental and organizational contexts. It stresses the importance of immediate action to protect against known vulnerabilities, reinforcing a culture of proactive security measures.