U.S. CISA adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities catalog.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Smartbedded Meteobridge, Samsung, Juniper ScreenOS, Jenkins, and GNU Bash flaws to its Known Exploited Vulnerabilities (KEV) catalog.
Below are the descriptions for these flaws:
In October 2024, the IT community worldwide was shocked by the discovery of the Bash Bug flaw, a vulnerability that impacted the popular Bash component for over two decades.
While principal vendors were working to provide the necessary patches for vulnerable Linux and Unix systems, the researcher Michal Zalewski found two additional bugs in the Bourne Again Shell.
One of the two bugs, tracked as CVE-2014-6278, could, like the original Bash Bug vulnerability (CVE-2014-6271), be exploited for remote arbitrary code execution. Experts explained that it exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
The second flaw added to the KEV catalog, tracked as CVE-2015-7755, is an administrative access issue in Juniper ScreenOS. Remote attackers could exploit the flaw to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session.
The third issue added to the catalog, tracked as CVE-2017-1000353, is an unauthenticated remote code execution vulnerability that allowed attackers to transfer a serialized Java SignedObject object to the remoting-based Jenkins CLI, which would be deserialized using a new ObjectInputStream, bypassing the existing blacklist-based protection mechanism.
“SignedObject has been added to the remoting blacklist,” reads the security advisory published by Jenkins.
CISA also added the vulnerability CVE-2025-4008 to the catalog. The issue is a command injection flaw in Smartbedded MeteoBridge’s web interface that allows remote, unauthenticated attackers to execute arbitrary root commands.
The last issue added to the catalog impacts Samsung devices: it is an out-of-bounds write tracked as CVE-2025-21043. The vulnerability resides in libimagecodec.quram.so prior to SMR Sep-2025 Release 1. A remote attacker can exploit the flaw to execute arbitrary code.
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to fix the vulnerabilities by October 23, 2025.
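The recommendation above is to review the catalog and track remediation against the BOD 22-01 due date. As an added example (not part of this article, and not CISA's own tooling), the Python script below consumes a KEV-style JSON feed, matches entries against a local vendor/product inventory and produces a remediation queue ordered by days left until the due date, flagging overdue items. The field names (`cveID`, `vendorProject`, `product`, `dateAdded`, `dueDate`, `requiredAction`, `knownRansomwareCampaignUse`) follow the structure of CISA's published JSON feed as assumed here; the five CVE ids and the 2025-10-23 due date come from the article, while `dateAdded`, product names, vulnerability names and required actions in the embedded sample are constructed.

```python
import json
from datetime import date

# Constructed excerpt of a KEV-style feed. Field names follow the structure of
# CISA's published JSON feed (assumption); CVE ids and the due date are taken
# from the article, all other values are constructed for this example.
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (constructed excerpt)",
    "catalogVersion": "constructed",
    "vulnerabilities": [
        {"cveID": "CVE-2014-6278", "vendorProject": "GNU", "product": "Bash",
         "vulnerabilityName": "GNU Bash OS Command Injection Vulnerability (constructed name)",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "requiredAction": "Apply mitigations per vendor instructions (constructed).",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2015-7755", "vendorProject": "Juniper", "product": "ScreenOS",
         "vulnerabilityName": "Juniper ScreenOS Improper Authentication Vulnerability (constructed name)",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "requiredAction": "Apply mitigations per vendor instructions (constructed).",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2017-1000353", "vendorProject": "Jenkins", "product": "Jenkins",
         "vulnerabilityName": "Jenkins Deserialization of Untrusted Data Vulnerability (constructed name)",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "requiredAction": "Apply mitigations per vendor instructions (constructed).",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-4008", "vendorProject": "Smartbedded", "product": "Meteobridge",
         "vulnerabilityName": "Smartbedded Meteobridge Command Injection Vulnerability (constructed name)",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "requiredAction": "Apply mitigations per vendor instructions (constructed).",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2025-21043", "vendorProject": "Samsung", "product": "Mobile Devices",
         "vulnerabilityName": "Samsung Mobile Devices Out-of-Bounds Write Vulnerability (constructed name)",
         "dateAdded": "2025-10-02", "dueDate": "2025-10-23",
         "requiredAction": "Apply mitigations per vendor instructions (constructed).",
         "knownRansomwareCampaignUse": "Unknown"},
    ],
})


def load_kev(raw: str) -> list[dict]:
    """Parse the feed and return its vulnerabilities array."""
    return json.loads(raw)["vulnerabilities"]


def days_until_due(entry: dict, today: date) -> int:
    """Days left before the BOD 22-01 due date; negative once it has passed."""
    return (date.fromisoformat(entry["dueDate"]) - today).days


def remediation_queue(raw: str, today: date, inventory: dict[str, set[str]]) -> list[dict]:
    """Catalog entries that match the local inventory, most urgent first.

    `inventory` maps a vendor name to the set of that vendor's products in use.
    Matching is case-insensitive; an empty product set matches every product
    of that vendor, which is the safe default when the inventory is coarse.
    """
    inv = {vendor.lower(): {p.lower() for p in products}
           for vendor, products in inventory.items()}
    queue = []
    for entry in load_kev(raw):
        products = inv.get(entry["vendorProject"].lower())
        if products is None:
            continue  # vendor not in use
        if products and entry["product"].lower() not in products:
            continue  # vendor in use, but not this product
        days = days_until_due(entry, today)
        queue.append({
            "cveID": entry["cveID"],
            "vendorProject": entry["vendorProject"],
            "product": entry["product"],
            "dueDate": entry["dueDate"],
            "daysLeft": days,
            "overdue": days < 0,
        })
    queue.sort(key=lambda e: (e["daysLeft"], e["cveID"]))
    return queue


def missing_from_catalog(raw: str, watch_list) -> set[str]:
    """CVEs on a local watch list that are not (or not yet) in the catalog.

    Useful for noticing that an internally tracked flaw has not been added,
    so it cannot be assumed to carry a federal due date.
    """
    return set(watch_list) - {e["cveID"] for e in load_kev(raw)}


if __name__ == "__main__":
    # Example run against the constructed inventory: all GNU products, Jenkins only.
    for item in remediation_queue(KEV_SAMPLE, date(2025, 10, 10), {"GNU": set(), "Jenkins": {"Jenkins"}}):
        status = "OVERDUE" if item["overdue"] else f"{item['daysLeft']} days left"
        print(f"{item['cveID']:18} {item['vendorProject']}/{item['product']}: due {item['dueDate']} ({status})")
    print("not in catalog:", missing_from_catalog(KEV_SAMPLE, ["CVE-2014-6278", "CVE-2014-6271"]))
```

In practice the `KEV_SAMPLE` string is replaced by the downloaded feed and the inventory comes from the asset register; the sort key puts overdue items first, and the inventory filter is what keeps the queue to entries that actually apply to the environment.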
Pierluigi Paganini
(SecurityAffairs – hacking, CISA)