The Cybersecurity and Infrastructure Security Agency (CISA) has escalated its campaign to protect U.S. networks by adding three newly exploited D-Link device vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog.
The alert, issued on August 5, 2025, emphasizes a rising trend of cyberattacks targeting networking and surveillance hardware, with federal agencies and private organizations urged to act immediately.
D-Link Vulnerabilities Under Active Exploitation
The three vulnerabilities now highlighted in CISA’s KEV Catalog specifically impact D-Link DCS-2530L, DCS-2670L cameras, and the DNR-322L network video recorder.
Here is a summary table of the affected CVEs:
| CVE ID | Device Impacted | Vulnerability Name/Type | Description |
| CVE-2020-25078 | DCS-2530L, DCS-2670L | Unspecified Vulnerability | Allows unauthenticated attackers to exploit unknown flaws |
| CVE-2020-25079 | DCS-2530L, DCS-2670L | Command Injection Vulnerability | Remote attackers can inject OS commands |
| CVE-2022-40799 | DNR-322L | Download of Code Without Integrity Check | Code download lacking verification enables code execution |
These vulnerabilities are being leveraged by malicious actors seeking to gain unauthorized access, manipulate device functionality, or launch broader attacks on connected networks.
According to CISA, such device vulnerabilities are among the most commonly exploited vectors in current cyber campaigns targeting governmental and enterprise systems.
Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies are required to remediate all vulnerabilities listed in the KEV Catalog by their specified due dates to ensure protection against active cyber threats.
The directive, enforced by CISA, establishes the KEV Catalog as a dynamic repository of critical CVEs that present substantial risk to national infrastructure.
While BOD 22-01 is specific to federal entities, CISA strongly recommends all organizations—public and private—adopt a proactive vulnerability management approach by prioritizing the patching and remediation of KEV-listed issues.
Failure to do so may expose systems to significant risk, including data breaches, espionage, and operational disruption.
CISA will continue to update its catalog as new evidence of active exploitation emerges and as additional vulnerabilities meet established inclusion criteria.
The agency advises organizations to review the KEV Catalog regularly and implement robust patch management and defense-in-depth strategies.
As attacks on hardware devices become more sophisticated and persistent, immediate action and continuous vigilance remain essential for maintaining both federal and enterprise security postures.
The Ultimate SOC-as-a-Service Pricing Guide for 2025– Download for Free
Source link
