4188 matches found
CISA Adds Five Known Exploited Vulnerabilities to Catalog
Updated October 22, 2025 CISA is continually collaborating with partners across government and the private sector. Through this collaboration, CISA has determined that CVE-2025-6264 has not been exploited and there is insufficient evidence to keep this CVE on the KEV and that the best course of...
Zoho Releases Security Update on ManageEngine Desktop Central
Zoho has released a security update on a vulnerability CVE-2020-10189 affecting ManageEngine Desktop Central build 10.0.473 and below. A remote attacker could exploit this vulnerability to take control of an affected system. ManageEngine Desktop Central is a unified endpoint management solution...
CISA Adds Five Known Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-21608 Adobe Acrobat and Reader Use-After-Free Vulnerability CVE-2023-20109 Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerabilit...
F5 Releases Security Advisories Addressing Multiple Vulnerabilities
F5 has released security advisories on vulnerabilities affecting multiple products, including various versions of BIG-IP. Included in the release is an advisory for CVE-2022-1388, which allows undisclosed requests to bypass the iControl REST authentication in BIG-IP. An attacker could exploit...
Microsoft Releases Security Updates
Microsoft has released updates to address vulnerabilities affecting Microsoft Office. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Microsoft security advisories and appl...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20262link is external Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability CVE-2026-54420link is external LiteSpeed cPanel Plugin UNIX...
CISA Issues Emergency Directive on Microsoft Windows Print Spooler
CISA has issued Emergency Directive ED 21-04: Mitigate Windows Print Spooler Service Vulnerability addressing CVE-2021-34527. Attackers can exploit this vulnerability to remotely execute code with system level privileges enabling a threat actor to quickly compromise the entire identity...
PrintNightmare, Critical Windows Print Spooler Vulnerability
Updated July 2, 2021 For new information and mitigations, see Microsoft's updated guidance for the Print spooler vulnerability CVE-2021-34527. Updated July 1, 2021 See Microsoft's new guidance for the Print spooler vulnerability CVE-2021-34527 and apply the necessary workarounds. Original post Ju...
Microsoft Launches Phase 2 Mitigation for Netlogon Remote Code Execution Vulnerability (CVE-2020-1472)
Microsoft addressed a critical remote code execution vulnerability affecting the Netlogon protocol CVE-2020-1472 on August 11, 2020. Beginning with the February 9, 2021 Security Update release, Domain Controllers will be placed in enforcement mode. This will require all Windows and non-Windows...
Microsoft Warns of Windows Win32k Privilege Escalation
Microsoft has released a security advisory to address an escalation of privileges vulnerability, CVE-2021-1732, in Microsoft Win32k. A local attacker can exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. CISA encourages user...
Microsoft Warns of Continued Exploitation of CVE-2020-1472
Microsoft has released a blog post on cyber threat actors exploiting CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. A remote attacker can exploit this vulnerability to breach unpatched Active Directory domain controllers and obtain domain administrator access. The...
Internet System Consortium releases BIND patches
The Internet System Consortium has released updates for BIND to address a vulnerability in BIND versions 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, and 9.8.0 and later. Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition...
Oracle Releases Sun Java SE 1.6.0_20
Oracle has released Sun Java SE 1.6.020 to address several vulnerabilities. The release notes for this version of Java SE indicate that these vulnerabilities are in Java Deployment Toolkit and the new Java Plug-in. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker...
CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication
CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication MFA. CISA strongly urges all organizations to implement phishing-resistant MFA to protect against phishing and other known cyber threats. If an organization using...
CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types a...
Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities
Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in the following operating systems: Windows 7 SP1 Windows Server 2008 R2 SP1 Windows Server 2012 Windows 8.1 Windows Server 2012 R2 Windows 10 Windows Server 2016 Windows...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-1316link is external Edimax IC-7100 IP Camera OS Command Injection Vulnerability CVE-2024-48248link is external NAKIVO Backup and Replication Absolute Path...
Microsoft Releases Security Advisory for Windows Hello for Business
Microsoft has released a Security Advisory to address an issue in Windows Hello for Business WHfB. An attacker could exploit this issue on devices that were affected by CVE-2017-15361, also known as Return of Coppersmith’s Attack ROCA, to take control of an affected system. The Cybersecurity and...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2013-3893link is external Microsoft Internet Explorer Resource Management Errors Vulnerability CVE-2007-0671link is external Microsoft Office Excel Remote Cod...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-3248link is external Langflow Missing Authentication Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...
Linux Kernel Vulnerability
US-CERT is aware of a Linux kernel vulnerability affecting Linux PCs and servers and Android-based devices. Exploitation of this vulnerability may allow an attacker to take control of an affected system. US-CERT recommends that users and administrators review the Redhat Security Blog and the Debi...
Apple Releases Security Update to Address CVE-2021-30883
Apple has released a security update to address a vulnerability—CVE-2021-30883—in multiple products. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been detected in exploits in the wild. CISA encourages users to review the Apple security...
Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities
Malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine. CISA strongly urges organizations to identify vulnerable...
Microsoft Releases August 2021 Security Updates
Updated: August 24, 2021 CISA is aware of open source reporting on the active exploitation of CVE-2021-36942 PetitPotam. To address this vulnerability, Microsoft released a patch and mitigation guidance as part of its August 2021 security updates. CISA strongly encourages users and administrators...
ISC Releases Security Updates for BIND
The Internet Systems Consortium ISC has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial of service condition. Updates available include: BIND 9.9.6-P2 BIND 9.10.1-P2 Users and administrators are...
CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities
CISA has issued Emergency Directive ED 22-02: Mitigate Apache Log4j Vulnerability, directing federal civilian executive branch FCEB agencies to address Log4j vulnerabilities—most notably, CVE-2021-44228. Although ED 22-02 applies to FCEB agencies, CISA strongly recommends that all organizations...
Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, and the cybersecurity authorities of Australia, Canada, New Zealand, and the United Kingdom have released a joint Cybersecurity Advisory in response to multiple vulnerabilities in Apache’s Log4j software library...
Citrix Releases Security Updates for Multiple Products
Citrix released security updates to address vulnerabilities in multiple Citrix products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: NetScaler...
Apple Releases Security Updates to Address CVE-2021-30858 and CVE-2021-30860
Apple has released security updates to address vulnerabilities—CVE-2021-30858 and CVE-2021-30860—in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device. CISA is aware of public reporting that these vulnerabilities may have been exploited in the...
Russian State-Sponsored Cyber Actors Access Network Misconfigured with Default MFA Protocols
CISA and the Federal Bureau of Investigation FBI have released a joint Cybersecurity Advisory that details how Russian state-sponsored cyber actors accessed a network with misconfigured default multifactor authentication MFA protocols. The actors then exploited a critical Windows Print Spooler...
Threat Actors Exploiting F5 BIG IP CVE-2022-1388
CISA and the Multi-State Information Sharing and Analysis Center MS-ISAC have released the joint Cybersecurity Advisory Threat Actors Exploiting F5 BIG-IP CVE-2022-1388 in response to active exploitation of CVE-2022-1388, which affects F5 Networks BIG-IP devices. The vulnerability allows an...
Microsoft Server Message Block RCE Vulnerability
Microsoft has released a security advisory to address a remote code execution vulnerability CVE-2020-0796 in Microsoft Server Message Block 3.1.1 SMBv3. A remote attacker can exploit this vulnerability to take control of an affected system. SMB is a network file-sharing protocol that allows clien...
FBI-CISA-CGCYBER Advisory on APT Exploitation of ManageEngine ADSelfService Plus Vulnerability
The Federal Bureau of Investigation FBI, CISA, and Coast Guard Cyber Command CGCYBER have released a Joint Cybersecurity Advisory CSA detailing the active exploitation of an authentication bypass vulnerability CVE-2021-40539 in Zoho ManageEngine ADSelfService Plus—a self-service password manageme...
Apache Releases HTTP Server version 2.4.51 to Address Vulnerabilities Under Exploitation
On October 7, 2021, the Apache Software Foundation released Apache HTTP Server version 2.4.51 to address Path Traversal and Remote Code Execution vulnerabilities CVE-2021-41773, CVE-2021-42013 in Apache HTTP Server 2.4.49 and 2.4.50. These vulnerabilities have been exploited in the wild. CISA is...
IRS Launches “Identity Theft Central” Webpage
The Internal Revenue Service IRS has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection. Tax-related identity theft occurs when someone steals personal information to commit tax fraud. The...
Apache Releases Security Update for HTTP Server
The Apache Software Foundation has released Apache HTTP Server 2.4.52. This version addresses vulnerabilities—CVE-2021-44790 and CVE-2021-44224—one of which may allow a remote attacker to take control of an affected system. CISA encourages users and administrators to review the Apache announcemen...
CISA Temporarily Removes CVE-2022-26925 from Known Exploited Vulnerability Catalog
CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations migh...
Microsoft Releases Out-of-Band Security Updates for SMB RCE Vulnerability
Microsoft has released out-of-band security updates to address a remote code execution vulnerability CVE-2020-0796 in Microsoft Server Message Block 3.1.1 SMBv3. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security...
CISA Adds 13 Known Exploited Vulnerabilities to Catalog
CISA has added 13 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...
Cisco Releases Security Advisory for Cisco IOS Software Smart Install
Cisco has released a security advisory to address a vulnerability in the Cisco IOS Software Install feature running on Cisco Catalyst Switches. Exploitation of this vulnerability may allow remote code execution by an unauthenticated attacker. US-CERT encourages administrators to review Cisco...
VMware Releases Security Advisory
VMware has released a security advisory to address a privilege escalation vulnerability in vCenter Server and Cloud Foundation. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review VMware Security Advisory...
Microsoft Releases Advisory for Unpatched Windows Vulnerability
Microsoft has released a security advisory to provide recommended mitigations for an unpatched vulnerability, CVE-2014-6352 which affects all Microsoft Windows releases except Windows Server 2003. This vulnerability could allow an attacker to take control of an affected system if a user opens a...
Drupal Releases Security Advisory
Drupal has released a security advisory to address an application program interface API vulnerability CVE-2014-3704 that could allow an attacker to execute arbitrary SQL commands on an affected system. This vulnerability affects all Drupal core 7.x versions prior to 7.32. US-CERT advises users an...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-0257link is external Palo Alto Networks PAN-OS Authentication Bypass Vulnerability This type of vulnerability is a frequent attack vectors for malicious cybe...
VMware Releases Security Updates to Address CVE-2020-4006
VMware has released security updates to address a vulnerability—CVE-2020-4006—in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructur...
Exploit for Netlogon Remote Protocol Vulnerability, CVE-2020-1472
The Cybersecurity and Infrastructure Security Agency CISA is aware of publicly available exploit code for CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. Although Microsoft provided patches for CVE-2020-1472 in August 2020, unpatched systems will be an attractive...
CISA Releases Cloud Security Technical Reference Architecture
CISA has released its Cloud Security CS Technical Reference Architecture TRA to guide federal civilian departments and agencies in securely migrating to the cloud. Co-authored by CISA, the United States Digital Service, and the Federal Risk and Authorization Management Program, the CS TRA defines...
CISA Releases Test for Citrix ADC and Gateway Vulnerability
The Cybersecurity and Infrastructure Security Agency CISA has released a utility that enables users and administrators to test whether their Citrix Application Delivery Controller ADC and Citrix Gateway software is susceptible to the CVE-2019-19781 vulnerability. According to Citrix Security...
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types...
MS-ISAC Releases Cybersecurity Advisory on Zyxel Firewalls and AP Controllers
The Multi-State Information Sharing and Analysis Center MS-ISAC has released an advisory on a vulnerability in Zyxel firewalls and AP controllers. A remote attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the MS-IS...