CISA Updates KEV Catalog with Four Critical Vulnerabilities Amid Active Exploitation
TL;DR
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four critical security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog due to ongoing exploitation. These vulnerabilities impact various systems and applications, emphasizing the urgent need for mitigation measures to protect against active threats.
CISA Adds Four Critical Vulnerabilities to KEV Catalog
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four critical security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This update comes in response to evidence of active exploitation in the wild1.
The vulnerabilities added to the catalog are:
- CVE-2014-3931 (CVSS score: 9.8): A buffer overflow vulnerability in Multi-Router Looking Glass (MRLG) that could allow remote attackers to cause a denial of service or execute arbitrary code.
Importance of KEV Catalog Updates
CISA’s KEV catalog serves as a crucial resource for cybersecurity professionals, providing timely information on vulnerabilities that are being actively exploited. This helps organizations prioritize patching and mitigation efforts to protect their systems from known threats.
By adding these four critical vulnerabilities to the KEV catalog, CISA underscores the importance of prompt action to address these security risks. Organizations are advised to implement the necessary patches and updates to safeguard against potential attacks.
Conclusion
The addition of these four critical vulnerabilities to CISA’s KEV catalog highlights the ongoing need for vigilance in the cybersecurity landscape. Organizations must stay informed about active threats and take proactive measures to protect their systems from exploitation.
For more details, visit the full article: source
-
(2025-07-08). “CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation”. The Hacker News. Retrieved 2025-07-08. ↩︎