The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog, adding several newly identified vulnerabilities to its authoritative list of security flaws exploited in the wild.
Developed to assist cybersecurity professionals in prioritizing vulnerability management, the KEV catalog serves as a critical resource for organizations aiming to strengthen their defenses against active threats.
1. Apache OFBiz – CVE-2024-45195
CVE-2024-45195 is a forced browsing vulnerability identified in Apache OFBiz. This flaw could allow remote attackers to gain unauthorized access (CWE-425).
While its exploitation in ransomware campaigns remains unknown, organizations are advised to follow vendor-provided mitigations or discontinue use if such mitigations are unavailable.
This vulnerability was added on February 4, 2025, with a mitigation deadline of February 25, 2025.
2. Microsoft .NET Framework – CVE-2024-29059
Another critical addition is CVE-2024-29059, which is an information disclosure vulnerability in Microsoft .NET Framework. This vulnerability exposes the ObjRef URI and could potentially enable remote code execution (CWE-209).
Like the previous entry, its use in ransomware campaigns is not yet known. Organizations are advised to apply the necessary patches or discontinue the affected software if mitigation is not feasible.
This vulnerability was also added on February 4, 2025, with the same mitigation deadline of February 25, 2025.
3. Paessler PRTG Network Monitor – CVE-2018-9276
CISA highlighted CVE-2018-9276, an operating system command injection vulnerability in Paessler PRTG Network Monitor. This flaw allows an attacker with administrative access to execute arbitrary commands via the web console (CWE-78).
Organizations should follow vendor recommendations to mitigate the issue or stop using the affected product if fixes are unavailable. The vulnerability was added to the catalog on February 4, 2025, with a mitigation deadline of February 25, 2025.
4. Paessler PRTG Network Monitor – CVE-2018-19410
CVE-2018-19410, another vulnerability impacting Paessler PRTG Network Monitor, was included in the catalog. It is a local file inclusion vulnerability that could enable a remote, unauthenticated attacker to create users with administrative privileges.
CISA advises implementing vendor-provided recommendations or discontinuing the software if mitigation is not possible. This vulnerability has the same addition and mitigation timelines as the others: February 4, 2025, and February 25, 2025, respectively.
A Call to Action for Organizations
CISA recommends that all organizations incorporate the KEV Catalog into their vulnerability management prioritization frameworks.
The catalog, available in CSV, JSON, JSON Schema, and print formats, provides an essential tool for tracking actively exploited vulnerabilities and ensuring defenses are in place before exploitation escalates.
CISA emphasizes that timely action is critical. Organizations should prioritize applying the recommended mitigations or discontinuing the use of vulnerable products before the indicated due dates to reduce the risk of exploitation by threat actors.
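One way to act on that recommendation, as an added example that is not from the article or from CISA: the script below indexes a KEV-format JSON document and ranks a scanner's findings by CISA due date, so overdue entries surface first. The feed field names (cveID, dueDate, knownRansomwareCampaignUse) are assumed from the public JSON feed, the host names are hypothetical, and the sample entries are constructed to mirror the four CVEs above.

```python
import json
from datetime import date

# Constructed sample in the shape of the KEV JSON feed (field names are an assumption
# about the public feed); entries mirror the four CVEs this article covers.
KEV_SAMPLE = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2024-45195", "product": "OFBiz", "dateAdded": "2025-02-04",
     "dueDate": "2025-02-25", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2024-29059", "product": ".NET Framework", "dateAdded": "2025-02-04",
     "dueDate": "2025-02-25", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2018-9276", "product": "PRTG Network Monitor", "dateAdded": "2025-02-04",
     "dueDate": "2025-02-25", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2018-19410", "product": "PRTG Network Monitor", "dateAdded": "2025-02-04",
     "dueDate": "2025-02-25", "knownRansomwareCampaignUse": "Unknown"},
]})

# Constructed scanner output: CVE ids per asset (hypothetical host names).
INVENTORY = {
    "prtg-core01": ["CVE-2018-9276", "CVE-2018-19410", "CVE-2023-0001"],
    "erp-web02": ["CVE-2024-45195"],
    "build-agent03": ["CVE-2023-0002"],
}

def load_kev(raw_json):
    """Index a KEV JSON document by CVE id."""
    return {v["cveID"]: v for v in json.loads(raw_json)["vulnerabilities"]}

def prioritize(inventory, kev, today):
    """Return (asset, cve, days_left, ransomware_use) for every KEV hit, most
    urgent first; days_left goes negative once the CISA due date has passed."""
    hits = []
    for asset, cves in inventory.items():
        for cve in cves:
            entry = kev.get(cve)
            if entry is None:
                continue  # not in KEV: leave it on the normal patch cadence
            due = date.fromisoformat(entry["dueDate"])
            hits.append((asset, cve, (due - today).days, entry["knownRansomwareCampaignUse"]))
    # Overdue first, then soonest due; within a day, known ransomware use ahead.
    hits.sort(key=lambda h: (h[2], h[3] != "Known"))
    return hits

if __name__ == "__main__":
    for asset, cve, days, ransom in prioritize(INVENTORY, load_kev(KEV_SAMPLE), date(2025, 2, 20)):
        print(f"{asset:14} {cve:15} due in {days:3d} days  ransomware={ransom}")
```

Swap KEV_SAMPLE for the downloaded feed and INVENTORY for real scanner output; findings that are not in KEV are deliberately left out so the list stays focused on the CISA deadlines.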