CISA Warns of 4 Actively Exploited Vulnerabilities—Patch Now

CISA added four actively exploited vulnerabilities (CVE-2008-0015, CVE-2020-7796, CVE-2024-7694, CVE-2026-2441) affecting Microsoft Windows, Synacor Zimbra, TeamT5 ThreatSonar, and Google Chromium to its KEV catalog, urging immediate patching.

---
title: "CISA Warns of 4 Actively Exploited Vulnerabilities—Patch Now"
short_title: "CISA adds 4 critical exploited vulnerabilities to catalog"
description: "CISA has added four actively exploited vulnerabilities to its KEV catalog, urging immediate patching. Learn about the risks and mitigation steps for these threats."
author: "Vitus"
date: 2025-01-24
categories: [Cybersecurity, Vulnerabilities]
tags: [cisa, cve, cybersecurity, vulnerability-management, active-exploitation]
score: 0.92
cve_ids: [CVE-2008-0015, CVE-2020-7796, CVE-2024-7694, CVE-2026-2441]
---

TL;DR


CISA has added four critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after confirming active exploitation. These flaws pose significant risks to federal agencies and private organizations alike. Immediate patching is strongly recommended to mitigate potential cyberattacks.

---

Main Content

The Cybersecurity and Infrastructure Security Agency (CISA) has escalated its warnings after adding four new vulnerabilities to its [Known Exploited Vulnerabilities (KEV) Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog). These vulnerabilities, which are being actively exploited by malicious cyber actors, affect widely used software and systems and pose severe risks to both federal and private sector networks.

Key Points


- CISA has identified active exploitation of four vulnerabilities, urging immediate remediation.
- The vulnerabilities affect Microsoft Windows, Synacor Zimbra, TeamT5 ThreatSonar, and Google Chromium.
- Federal agencies are required to patch these vulnerabilities under Binding Operational Directive (BOD) 22-01.
- All organizations are advised to prioritize patching to reduce exposure to cyberattacks.

---

Technical Details

The four vulnerabilities added to the KEV Catalog are:

1. CVE-2008-0015: A remote code execution (RCE) vulnerability in Microsoft Windows Video ActiveX Control. This legacy flaw, despite its age, remains a target for attackers due to unpatched systems.
2. CVE-2020-7796: A server-side request forgery (SSRF) vulnerability in Synacor Zimbra Collaboration Suite (ZCS). Attackers can exploit this flaw to access internal systems and sensitive data.
3. CVE-2024-7694: An unrestricted file upload vulnerability in TeamT5 ThreatSonar Anti-Ransomware. This flaw allows attackers to upload malicious files, potentially leading to system compromise.
4. CVE-2026-2441: A use-after-free vulnerability in Google Chromium’s CSS engine. Exploitation could lead to arbitrary code execution or browser crashes.

---

Impact Assessment

These vulnerabilities are frequent attack vectors for cybercriminals and nation-state actors. The inclusion of these flaws in the KEV Catalog underscores their severity and the urgency of remediation. Federal agencies, in particular, face mandatory patching deadlines under BOD 22-01, but every organization is at risk if the flaws are left unpatched.

- Federal Agencies: Must remediate these vulnerabilities by the specified deadlines to comply with BOD 22-01 and protect critical infrastructure.
- Private Organizations: Strongly urged to prioritize patching to prevent data breaches, ransomware attacks, and other cyber threats.
- Legacy Systems: Systems such as those affected by CVE-2008-0015 remain high-risk targets due to delayed patching.

---

Mitigation Steps

To reduce exposure to these threats, organizations should:

1. Apply Patches Immediately: Prioritize patching the vulnerabilities listed in the KEV Catalog.
2. Monitor for Exploitation: Use threat intelligence tools to detect signs of active exploitation.
3. Review Vulnerability Management Policies: Ensure timely patching of critical vulnerabilities as part of routine cybersecurity practices.
4. Educate Employees: Raise awareness about the risks of unpatched software and social engineering attacks.
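One way to turn step 1 into a work queue is to match scanner findings against the KEV catalog and sort by remediation deadline. The following is an added example, not code from CISA or from this post; the field names follow CISA's public KEV JSON feed, while the due dates, hostnames and the non-KEV placeholder CVE are constructed for illustration.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed. Field names follow the
# public feed; the dueDate values are placeholders, not CISA's real deadlines.
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2008-0015", "vendorProject": "Microsoft",
   "product": "Windows", "dueDate": "2030-01-10"},
  {"cveID": "CVE-2020-7796", "vendorProject": "Synacor",
   "product": "Zimbra Collaboration Suite (ZCS)", "dueDate": "2030-01-20"},
  {"cveID": "CVE-2024-7694", "vendorProject": "TeamT5",
   "product": "ThreatSonar Anti-Ransomware", "dueDate": "2030-01-20"},
  {"cveID": "CVE-2026-2441", "vendorProject": "Google",
   "product": "Chromium", "dueDate": "2030-01-31"}
]}
""")

# Constructed scanner export: hypothetical hosts; CVE-0000-0000 is a non-KEV placeholder.
FINDINGS = [
    ("ws-114", "CVE-2026-2441"),
    ("mail01", "CVE-2020-7796"),
    ("kiosk07", " cve-2008-0015"),   # scanners differ in case and whitespace
    ("ws-114", "CVE-0000-0000"),
]

def triage(findings, catalog, today):
    """Return KEV-listed findings, earliest due date first, with days remaining."""
    index = {v["cveID"].upper(): v for v in catalog["vulnerabilities"]}
    rows = []
    for host, cve in findings:
        entry = index.get(cve.strip().upper())
        if entry is None:
            continue  # not a known-exploited CVE; handled by normal patch cadence
        due = date.fromisoformat(entry["dueDate"])
        rows.append({
            "host": host,
            "cve": entry["cveID"],
            "product": f'{entry["vendorProject"]} {entry["product"]}',
            "days_left": (due - today).days,
            "overdue": today > due,
        })
    rows.sort(key=lambda r: (r["days_left"], r["host"]))
    return rows

if __name__ == "__main__":
    for r in triage(FINDINGS, KEV_SAMPLE, today=date(2030, 1, 15)):
        flag = "OVERDUE" if r["overdue"] else f'{r["days_left"]}d left'
        print(f'{r["host"]:8} {r["cve"]:14} {r["product"]:40} {flag}')
```

In production, replace `KEV_SAMPLE` with the JSON feed linked from the KEV Catalog page and `FINDINGS` with your scanner's export.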

---

Conclusion

CISA’s addition of these four vulnerabilities to the KEV Catalog serves as a critical reminder of the importance of proactive vulnerability management. While federal agencies are required to act, all organizations must prioritize patching to safeguard their systems against evolving cyber threats. Failure to address these vulnerabilities could result in severe consequences, including data breaches, financial losses, and operational disruptions.

For more details, refer to CISA’s [official advisory](https://www.cisa.gov/news-events/alerts/2026/02/17/cisa-adds-four-known-exploited-vulnerabilities-catalog).
