---
title: "CISA Warns of 3 Actively Exploited Vulnerabilities—Patch Now"
short_title: "CISA adds 3 critical exploited vulnerabilities"
description: "CISA has added three actively exploited vulnerabilities to its KEV Catalog. Learn about the risks, affected systems, and mitigation steps to protect your network."
author: "Vitus"
date: 2025-01-24
categories: [Cybersecurity, Vulnerabilities]
tags: [cisa, known exploited vulnerabilities, cve-2025-20393, cve-2025-40602, cve-2025-59374]
score: 0.92
cve_ids: [CVE-2025-20393, CVE-2025-40602, CVE-2025-59374]
---

## TL;DR

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. These flaws pose significant risks to federal agencies and organizations worldwide. Immediate patching is strongly recommended to mitigate potential cyberattacks.

---

## Main Content

The Cybersecurity and Infrastructure Security Agency (CISA) has escalated its warnings after adding three critical vulnerabilities to its [Known Exploited Vulnerabilities (KEV) Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog). These vulnerabilities are actively being exploited by malicious cyber actors, making them a severe threat to federal agencies and enterprises globally. Organizations are urged to prioritize remediation to reduce their exposure to cyberattacks.

---

## Key Points


- CISA has added three actively exploited vulnerabilities to its KEV Catalog.
- The vulnerabilities affect Cisco, SonicWall, and ASUS products.
- Federal agencies are required to patch these vulnerabilities by the specified deadlines under Binding Operational Directive (BOD) 22-01.
- All organizations, not just federal agencies, are advised to prioritize remediation to mitigate risks.

---

## Technical Details

#### 1. CVE-2025-20393: Cisco Multiple Products Improper Input Validation Vulnerability
- Affected Products: Multiple Cisco products, including routers, switches, and firewalls.
- Impact: This vulnerability allows attackers to execute arbitrary code or cause a denial-of-service (DoS) condition due to improper input validation.
- Severity: High—exploitation could lead to unauthorized access or system crashes.

#### 2. CVE-2025-40602: SonicWall SMA1000 Missing Authorization Vulnerability
- Affected Products: SonicWall Secure Mobile Access (SMA) 1000 series.
- Impact: The flaw enables attackers to bypass authorization checks, potentially gaining unauthorized access to sensitive data or administrative functions.
- Severity: Critical—exploitation could compromise entire networks.

#### 3. CVE-2025-59374: ASUS Live Update Embedded Malicious Code Vulnerability
- Affected Products: ASUS devices using the Live Update utility.
- Impact: This vulnerability involves embedded malicious code that could allow attackers to execute arbitrary commands or install malware on affected systems.
- Severity: High—exploitation could lead to full system compromise.

---

## Impact Assessment


These vulnerabilities are frequent attack vectors for cybercriminals and pose significant risks to organizations, including:
- Unauthorized access to sensitive data.
- Disruption of critical services due to DoS attacks.
- Malware infections leading to further compromise.
- Compliance violations for federal agencies failing to adhere to BOD 22-01.

The inclusion of these vulnerabilities in the KEV Catalog underscores their severity and the urgency of patching them.

---

## Mitigation Steps


CISA strongly recommends the following actions:
1. Immediate Patching: Apply the latest security updates provided by Cisco, SonicWall, and ASUS to mitigate these vulnerabilities.
2. Prioritize KEV Catalog Vulnerabilities: Organizations should integrate the KEV Catalog into their vulnerability management practices to address high-risk flaws promptly.
3. Monitor for Exploitation: Deploy intrusion detection systems (IDS) and security information and event management (SIEM) tools to detect and respond to exploitation attempts.
4. Review BOD 22-01 Guidelines: Federal agencies must comply with the remediation deadlines outlined in [BOD 22-01](https://www.cisa.gov/binding-operational-directive-22-01).
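Step 2 above, integrating the KEV Catalog into vulnerability management, is usually done by cross-referencing scanner findings against the machine-readable catalog and sorting by the BOD 22-01 due date. The script below is an added example written for this article; it is not CISA tooling and not code from the original post. It assumes the JSON layout of CISA's published KEV feed (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json, a top-level `vulnerabilities` list whose entries carry `cveID`, `vendorProject`, `product`, `dateAdded` and `dueDate`). The catalog excerpt and the host inventory are constructed for the demo, the `dueDate` values are placeholders rather than CISA's real deadlines, and the fourth CVE entry is a made-up identifier included only to show an overdue finding.

```python
"""Cross-reference a host inventory against a KEV catalog export and rank
findings by how close (or past) their BOD 22-01 remediation deadline is."""
import json
from datetime import date

# Constructed KEV excerpt in the feed's layout. The three real CVE IDs are the
# ones named in this article; dueDate values are placeholders, not CISA's.
# "CVE-0000-0001" is a fabricated placeholder used to demonstrate an overdue entry.
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {"cveID": "CVE-2025-20393", "vendorProject": "Cisco",
         "product": "Multiple Products", "dateAdded": "2025-12-17",
         "dueDate": "2026-01-07"},
        {"cveID": "CVE-2025-40602", "vendorProject": "SonicWall",
         "product": "SMA1000", "dateAdded": "2025-12-17",
         "dueDate": "2026-01-07"},
        {"cveID": "CVE-2025-59374", "vendorProject": "ASUS",
         "product": "Live Update", "dateAdded": "2025-12-17",
         "dueDate": "2026-01-07"},
        {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVendor",
         "product": "ExampleProduct", "dateAdded": "2025-11-01",
         "dueDate": "2025-11-22"},
    ],
})

# Constructed scanner output: each host with the CVE IDs reported open on it.
# CVE-2024-99999 is a placeholder for a finding that is NOT in the KEV catalog.
SAMPLE_INVENTORY = [
    {"host": "edge-fw-01", "cves": ["CVE-2025-20393", "CVE-2024-99999"]},
    {"host": "vpn-sma-01", "cves": ["CVE-2025-40602"]},
    {"host": "laptop-042", "cves": ["CVE-2025-59374", "CVE-0000-0001"]},
    {"host": "build-srv", "cves": ["CVE-2024-99999"]},
]


def load_kev(raw_json):
    """Index a KEV feed document by CVE ID for O(1) lookups."""
    doc = json.loads(raw_json)
    return {entry["cveID"]: entry for entry in doc["vulnerabilities"]}


def prioritize(inventory, kev, today):
    """Return KEV-listed findings, most urgent first.

    Each result is (days_until_due, host, cveID, vendor, product). A negative
    days_until_due means the remediation deadline has already passed.
    `today` may be a date or an ISO-8601 string.
    """
    if isinstance(today, str):
        today = date.fromisoformat(today)
    hits = []
    for asset in inventory:
        for cve in asset["cves"]:
            entry = kev.get(cve)
            if entry is None:
                continue  # not in KEV: still a finding, but not in the KEV fast lane
            due = date.fromisoformat(entry["dueDate"])
            hits.append(((due - today).days, asset["host"], cve,
                         entry["vendorProject"], entry["product"]))
    hits.sort()  # sorts by days remaining, then host, then CVE ID
    return hits


def overdue(hits):
    """Subset of prioritized findings whose deadline has passed."""
    return [h for h in hits if h[0] < 0]


if __name__ == "__main__":
    catalog = load_kev(SAMPLE_KEV_JSON)
    ranked = prioritize(SAMPLE_INVENTORY, catalog, "2025-12-20")
    for days, host, cve, vendor, product in ranked:
        state = f"OVERDUE by {-days}d" if days < 0 else f"due in {days}d"
        print(f"{host:12} {cve:16} {vendor}/{product}: {state}")
```

In practice the catalog would be fetched from the feed URL above and the inventory would come from a scanner or CMDB export; the ranking logic stays the same. Findings that are not in the KEV catalog are deliberately not dropped silently in a real pipeline (they belong in the normal remediation queue), which is why the function returns only the KEV matches rather than mutating the inventory.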

---

## Affected Systems


| CVE ID | Vendor | Affected Products |
|-----------------------|-------------|-------------------------------------------|
| CVE-2025-20393 | Cisco | Routers, switches, firewalls |
| CVE-2025-40602 | SonicWall | SMA 1000 series |
| CVE-2025-59374 | ASUS | Devices using Live Update utility |

---

## Conclusion


The addition of these three vulnerabilities to CISA’s KEV Catalog serves as a critical reminder of the importance of proactive cybersecurity measures. Organizations must prioritize patching these flaws to protect their networks from active threats. While BOD 22-01 mandates action for federal agencies, all organizations are urged to follow suit to reduce their risk of cyberattacks.

Stay vigilant, monitor for updates, and ensure your systems are secured against these and other emerging threats.

---

## References


[^1]: CISA. "[CISA Adds Three Known Exploited Vulnerabilities to Catalog](https://www.cisa.gov/news-events/alerts/2025/12/17/cisa-adds-three-known-exploited-vulnerabilities-catalog)". Retrieved 2025-01-24.
[^2]: CISA. "[Known Exploited Vulnerabilities Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog)". Retrieved 2025-01-24.
[^3]: CISA. "[Binding Operational Directive (BOD) 22-01](https://www.cisa.gov/binding-operational-directive-22-01)". Retrieved 2025-01-24.
