The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently expanded its Known Exploited Vulnerabilities (KEV) catalog by including three new security flaws. This update, announced on Tuesday, comes in response to confirmed reports of these vulnerabilities being actively exploited.
Details of the Newly Identified Flaws
The vulnerabilities added to the KEV catalog are significant due to their potential impact. The first flaw, CVE-2026-20245, affects the Cisco Catalyst SD-WAN Manager. It involves improper encoding or escaping of output, which could be exploited by an authenticated local attacker to execute commands as root by using a specially crafted file.
The second vulnerability, CVE-2026-11645, is found in Google Chrome’s V8 engine. This out-of-bounds read and write issue allows remote attackers to run arbitrary code within a sandbox environment using a crafted HTML page.
The third flaw, CVE-2026-7473, pertains to the Arista Extensible Operating System (EOS). It involves an incomplete comparison leading to potential processing of unauthorized tunnel traffic, which can be exploited on certain configurations.
Arista’s Approach to the Unpatched Vulnerability
Arista Networks has acknowledged the exploitation of CVE-2026-7473 in the wild, specifically impacting its 7020R, 7280R/R2, and 7500R/R2 series devices. The vulnerability can be triggered on devices configured as tunnel endpoints, such as those using VXLAN or GRE interfaces.
Despite its severity, Arista has decided against issuing a patch, citing possible disruptions to existing configurations. Instead, the company recommends two mitigation strategies: implementing access control lists (ACLs) on upstream devices, or directly on the affected devices, to separate legitimate tunnel traffic from malicious traffic.
Urgent Mitigation Measures for Federal Agencies
In light of these vulnerabilities, CISA has directed Federal Civilian Executive Branch (FCEB) agencies to apply the necessary patches or mitigation strategies by June 23, 2026. This directive aims to safeguard critical infrastructure and reduce the risk of exploitation.
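The way KEV additions become work for a defender is by cross-referencing the catalog's JSON export against an asset inventory and tracking the due date for each hit. The script below is an added example, not code from the article or from CISA: it parses a constructed sample feed that uses the same top-level "vulnerabilities" array and field names as the published KEV JSON schema (cveID, vendorProject, product, requiredAction, dueDate), carrying the three CVEs and the June 23, 2026 due date reported above, with description text paraphrased from the article. The inventory, asset names and the product strings used for matching are constructed assumptions; a real deployment would replace them with its CMDB data and the live catalog.

```python
import json
from datetime import date


# Constructed sample feed in the shape of the KEV catalog's JSON export. Field names follow the
# published schema; the three entries are the CVEs the article reports, with shortDescription
# paraphrased from it. Product strings are assumptions chosen to match the inventory below.
SAMPLE_KEV_JSON = """
{
  "vulnerabilities": [
    {"cveID": "CVE-2026-20245", "vendorProject": "Cisco", "product": "Catalyst SD-WAN Manager",
     "shortDescription": "Improper encoding or escaping of output lets an authenticated local attacker run commands as root.",
     "requiredAction": "Apply mitigations per vendor instructions.", "dueDate": "2026-06-23"},
    {"cveID": "CVE-2026-11645", "vendorProject": "Google", "product": "Chrome",
     "shortDescription": "Out-of-bounds read and write in the V8 engine.",
     "requiredAction": "Apply mitigations per vendor instructions.", "dueDate": "2026-06-23"},
    {"cveID": "CVE-2026-7473", "vendorProject": "Arista", "product": "EOS",
     "shortDescription": "Incomplete comparison may allow processing of unauthorized tunnel traffic.",
     "requiredAction": "Apply mitigations per vendor instructions.", "dueDate": "2026-06-23"}
  ]
}
"""

# Constructed asset inventory (hypothetical hostnames). The last asset matches nothing in the feed.
SAMPLE_INVENTORY = [
    {"name": "sdwan-mgr-01", "vendor": "Cisco", "product": "Catalyst SD-WAN Manager"},
    {"name": "edge-7280r-02", "vendor": "Arista", "product": "EOS"},
    {"name": "ws-0412", "vendor": "Google", "product": "Chrome"},
    {"name": "core-fw-01", "vendor": "ExampleVendor", "product": "ExampleOS"},
]

REQUIRED_FIELDS = ("cveID", "vendorProject", "product", "dueDate", "requiredAction")


def parse_kev(feed_text):
    """Return {cveID: entry} from a KEV-format JSON document, rejecting incomplete entries.

    A feed that is missing a due date or carries a malformed one raises ValueError up front,
    so a broken download cannot silently produce an empty or misleading report.
    """
    catalog = {}
    for entry in json.loads(feed_text)["vulnerabilities"]:
        missing = [f for f in REQUIRED_FIELDS if f not in entry]
        if missing:
            raise ValueError(f"KEV entry missing fields {missing}: {entry}")
        date.fromisoformat(entry["dueDate"])  # raises ValueError on a malformed date
        catalog[entry["cveID"]] = entry
    return catalog


def _matches(entry, asset):
    """Vendor must match exactly (case-insensitive); product matches on either-way substring."""
    if entry["vendorProject"].lower() != asset["vendor"].lower():
        return False
    kev_product, asset_product = entry["product"].lower(), asset["product"].lower()
    return kev_product in asset_product or asset_product in kev_product


def match_inventory(catalog, inventory, today_iso):
    """Cross-reference inventory against the catalog; return findings sorted by urgency.

    today_iso is an ISO date string (YYYY-MM-DD) so the report is reproducible for a given day.
    """
    today = date.fromisoformat(today_iso)
    findings = []
    for asset in inventory:
        for entry in catalog.values():
            if not _matches(entry, asset):
                continue
            days_left = (date.fromisoformat(entry["dueDate"]) - today).days
            findings.append({
                "asset": asset["name"],
                "cveID": entry["cveID"],
                "dueDate": entry["dueDate"],
                "daysRemaining": days_left,
                "overdue": days_left < 0,
                "requiredAction": entry["requiredAction"],
            })
    return sorted(findings, key=lambda f: (f["daysRemaining"], f["asset"]))


if __name__ == "__main__":
    report = match_inventory(parse_kev(SAMPLE_KEV_JSON), SAMPLE_INVENTORY, "2026-06-01")
    for f in report:
        status = "OVERDUE" if f["overdue"] else f"{f['daysRemaining']} days left"
        print(f"{f['asset']:<16} {f['cveID']:<16} due {f['dueDate']} ({status}): {f['requiredAction']}")
```

Run against the sample on 2026-06-01, the report lists the three matching assets with 22 days remaining; run it after the due date and the same findings flip to overdue. Substring product matching is deliberately loose so that minor naming differences between the catalog and an inventory do not hide a hit; a false positive costs a few minutes of triage, a false negative costs a missed deadline.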
The inclusion of these vulnerabilities in the KEV catalog underscores the importance of proactive cybersecurity measures and the need for organizations to stay vigilant against emerging threats.
Moving forward, it is crucial for entities using affected systems to heed CISA’s guidance and take immediate action to bolster their cybersecurity defenses.
