CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog

Posted on October 31, 2025 by CWS

The US cybersecurity agency CISA on Thursday expanded its Known Exploited Vulnerabilities (KEV) catalog with two security defects impacting XWiki and VMware products.

The XWiki flaw, tracked as CVE-2025-24893 (CVSS score of 9.8), is an improper sanitization of search parameters that can be exploited remotely, without authentication, to inject malicious code via specially crafted search requests.

Successful exploitation of the issue allows attackers to execute code with the privileges of the web server, to leak sensitive information, or to disrupt wiki operations.

Proof-of-concept (PoC) exploits targeting the bug have been available for roughly half a year, and exploitation attempts were initially observed in March, although they were flagged as reconnaissance efforts.

Earlier this week, however, VulnCheck warned that a threat actor has been exploiting the XWiki vulnerability to drop a cryptocurrency miner.

The VMware defect, tracked as CVE-2025-41244 (CVSS score of 7.8), is a local privilege escalation flaw affecting Aria Operations and VMware Tools that allows authenticated attackers to obtain root privileges on a VM that has VMware Tools installed and is managed by Aria Operations with SDMP enabled.

Broadcom rolled out fixes for the bug in late September, but failed to mention its in-the-wild exploitation. NVISO, which was credited for reporting the issue, reported that Chinese threat actors have been targeting the CVE for roughly a year.

On Thursday, Broadcom updated its advisory, noting that it "has information to suggest that suspected exploitation of CVE-2025-41244 has occurred in the wild".

At the same time, CISA added the CVE, together with the XWiki defect, to the KEV list, urging federal agencies to patch them by November 20, as mandated by Binding Operational Directive (BOD) 22-01. The November 20 deadline is three weeks after the October 30 addition, the standard BOD 22-01 remediation window for vulnerabilities that are not more than a few years old.
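The operational task behind a KEV addition is answering "which of the newly listed CVEs touch products we run, and when are they due?". The example below is added here and is not code from the article, from CISA or from SecurityWeek. It parses a document in the shape of CISA's public KEV JSON feed (published at https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json, with one record per CVE under the `vulnerabilities` key) and buckets entries by BOD 22-01 due date relative to a chosen day. The embedded records are constructed: the CVE IDs, vendors and the October 30 / November 20 dates follow the article, but the `vulnerabilityName` and `shortDescription` strings are paraphrased placeholders, not CISA's wording, and the product strings are assumptions.

```python
"""Triage a KEV-format feed: which listed CVEs affect our inventory, and when are they due?

Added example, not code from the article or from CISA. The JSON below is a
constructed excerpt in the layout of the public KEV feed; names/descriptions
are paraphrased placeholders, not CISA's text.
"""
import json
from datetime import date

SAMPLE_KEV_JSON = """{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "catalogVersion": "sample",
  "dateReleased": "2025-10-30T00:00:00.0000Z",
  "count": 2,
  "vulnerabilities": [
    {
      "cveID": "CVE-2025-24893",
      "vendorProject": "XWiki",
      "product": "XWiki Platform",
      "vulnerabilityName": "XWiki Platform Code Injection Vulnerability (placeholder name)",
      "dateAdded": "2025-10-30",
      "shortDescription": "Improper sanitization of search parameters allows unauthenticated remote code injection via crafted search requests (paraphrased).",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "dueDate": "2025-11-20",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "",
      "cwes": []
    },
    {
      "cveID": "CVE-2025-41244",
      "vendorProject": "VMware",
      "product": "VMware Aria Operations and VMware Tools",
      "vulnerabilityName": "VMware Aria Operations and VMware Tools Local Privilege Escalation (placeholder name)",
      "dateAdded": "2025-10-30",
      "shortDescription": "Authenticated local attackers can obtain root on a VM running VMware Tools that is managed by Aria Operations with SDMP enabled (paraphrased).",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "dueDate": "2025-11-20",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "",
      "cwes": []
    }
  ]
}"""


def load_entries(raw_json: str) -> list[dict]:
    """Parse a KEV-format document and return its vulnerability records."""
    return json.loads(raw_json)["vulnerabilities"]


def added_on(entries: list[dict], day: str) -> list[str]:
    """CVE IDs whose dateAdded (YYYY-MM-DD in the feed) equals `day`."""
    target = date.fromisoformat(day)
    return sorted(e["cveID"] for e in entries if date.fromisoformat(e["dateAdded"]) == target)


def affecting(entries: list[dict], inventory: set[str]) -> list[str]:
    """CVE IDs whose vendorProject or product contains any inventory keyword (case-insensitive).

    Substring matching is deliberate: feed product strings such as
    "VMware Aria Operations and VMware Tools" should match an inventory
    entry of just "vmware tools".
    """
    keywords = {k.lower() for k in inventory}
    hits = []
    for e in entries:
        haystack = f'{e["vendorProject"]} {e["product"]}'.lower()
        if any(k in haystack for k in keywords):
            hits.append(e["cveID"])
    return sorted(hits)


def remediation_status(entries: list[dict], today: str, horizon_days: int = 14) -> dict[str, list[str]]:
    """Bucket entries by BOD 22-01 dueDate relative to `today` (YYYY-MM-DD).

    "overdue": dueDate already passed; "due_soon": due within horizon_days
    (inclusive); "later": everything else. Lists are sorted CVE IDs.
    """
    now = date.fromisoformat(today)
    out: dict[str, list[str]] = {"overdue": [], "due_soon": [], "later": []}
    for e in entries:
        remaining = (date.fromisoformat(e["dueDate"]) - now).days
        bucket = "overdue" if remaining < 0 else "due_soon" if remaining <= horizon_days else "later"
        out[bucket].append(e["cveID"])
    return {k: sorted(v) for k, v in out.items()}


def triage(raw_json: str, today: str, inventory: set[str], horizon_days: int = 14) -> dict[str, list[str]]:
    """End-to-end: keep only entries that match the inventory, then bucket by due date."""
    entries = load_entries(raw_json)
    relevant_ids = set(affecting(entries, inventory))
    relevant = [e for e in entries if e["cveID"] in relevant_ids]
    return remediation_status(relevant, today, horizon_days)


if __name__ == "__main__":
    # Constructed inventory: an estate that runs VMware Tools but not XWiki.
    print(triage(SAMPLE_KEV_JSON, "2025-11-10", {"vmware tools"}))
```

To run this against the live catalog, replace `SAMPLE_KEV_JSON` with the body fetched from the feed URL above; the field names used here (`cveID`, `vendorProject`, `product`, `dateAdded`, `dueDate`) are the ones the public feed carries. The BOD 22-01 deadline applies to federal civilian agencies, but the same due-date bucketing is a reasonable default SLA for anyone else.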

Related: CISA Warns of Exploited DELMIA Factory Software Vulnerabilities

Related: Year-Old WordPress Plugin Flaws Exploited to Hack Websites

Related: Critical Windows Server WSUS Vulnerability Exploited in the Wild

Related: Lanscope Endpoint Manager Zero-Day Exploited in the Wild
