CISA adds six known exploited vulnerabilities to catalog

CISA (Cybersecurity and Infrastructure Security Agency) has added six vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. The catalog only lists flaws for which CISA has evidence of active exploitation, so an addition is a signal that attackers are using the bug now, not a theoretical rating. The new entries affect widely deployed mobile device management, email, collaboration, messaging and time-and-attendance products, which makes them attractive targets and, for the products exposed on a network edge, urgent ones.

The listed vulnerabilities are:

  1. CVE-2025-4427: Ivanti Endpoint Manager Mobile (EPMM). An authentication bypass that lets an unauthenticated attacker reach management functionality that should require a login.

  2. CVE-2025-4428: Ivanti EPMM again, this time a code injection flaw that lets an attacker run attacker-supplied code on the EPMM server, from which the managed mobile fleet can be reached. An authentication bypass sitting next to a code-execution sink on the same product is the classic chain shape; treat the two Ivanti entries as a single remediation item and patch them together.

  3. CVE-2024-11182: MDaemon Email Server. A cross-site scripting (XSS) vulnerability: attacker-controlled content is rendered without proper encoding, so script executes in the context of a logged-in user's session (here, a user of the web mail interface).

  4. CVE-2025-27920: Srimax Output Messenger. A directory traversal vulnerability: a file path taken from the client is not confined to the intended directory, which can expose system files or other sensitive data outside it.

  5. CVE-2024-27443: Synacor Zimbra Collaboration Suite (ZCS). Another XSS vulnerability. As with the MDaemon entry, the risk is script running in a user's authenticated browser session, exposing session data and any action that session is allowed to take.

  6. CVE-2023-38950: ZKTeco BioTime. A path traversal vulnerability that can give an unauthenticated requester access to directories or files outside the application's intended scope.
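
Two of the six entries are directory/path traversal bugs. The following added example (written for this page, not code from Srimax, ZKTeco or any of the listed products) shows the generic pattern behind that class: a file reader that joins a client-supplied name onto a base directory and opens it as-is, next to a hardened reader that canonicalises the path and refuses anything that resolves outside the base. The directory layout and file names are constructed for the demo.

```python
import os
import tempfile
from pathlib import Path

# Constructed sandbox: a web root with one public file, and a secret file one
# level above it. Hypothetical layout, not taken from any of the listed products.
ROOT = Path(tempfile.mkdtemp())
WEBROOT = ROOT / "public"
WEBROOT.mkdir()
(WEBROOT / "index.html").write_text("hello")
(ROOT / "secret.txt").write_text("top secret")
try:
    # A symlink inside the root that points outside it (skipped if the OS refuses).
    (WEBROOT / "link.txt").symlink_to(ROOT / "secret.txt")
    SYMLINK_OK = True
except OSError:
    SYMLINK_OK = False


def read_file_vulnerable(requested: str) -> str:
    """The traversal bug: the client-controlled name is joined onto the root and
    opened as-is, so '../' segments (or an absolute path, which os.path.join
    lets replace the root entirely) escape the intended directory."""
    path = os.path.join(str(WEBROOT), requested)
    with open(path) as f:
        return f.read()


def resolve_under_root(root: str, requested: str) -> str:
    """Canonicalise root + requested (collapsing '..' and following symlinks)
    and return it only if it still lies inside root."""
    root = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root, requested))
    # commonpath() compares whole path components, so '/srv/public2' is
    # correctly rejected for root '/srv/public' (a plain startswith() would not).
    # It raises ValueError when the paths cannot share a prefix at all
    # (e.g. different drives); that is also a reject.
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:
        inside = False
    if not inside:
        raise PermissionError(f"path traversal blocked: {requested!r}")
    return candidate


def read_file_hardened(requested: str) -> str:
    """Hardened variant: only open paths that resolve inside the web root."""
    with open(resolve_under_root(str(WEBROOT), requested)) as f:
        return f.read()


def traversal_blocked(requested: str) -> bool:
    """True if the hardened reader refuses the request."""
    try:
        read_file_hardened(requested)
        return False
    except PermissionError:
        return True


if __name__ == "__main__":
    print("vulnerable, ../secret.txt ->", read_file_vulnerable("../secret.txt"))
    print("hardened,   ../secret.txt ->", "blocked" if traversal_blocked("../secret.txt") else "ALLOWED")
    print("hardened,   ../public/index.html ->", read_file_hardened("../public/index.html"))
```

The check is made on the resolved path rather than on the string, so a request like `../public/index.html` is still served (it resolves back inside the root) while `../secret.txt`, an absolute path, and a symlink planted inside the root all fail the same test. Rejecting `..` substrings alone would miss the absolute-path and symlink cases.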

Vulnerabilities of these kinds are frequent initial-access vectors for malicious actors and pose significant risk to the federal enterprise. CISA's lever for forcing remediation is Binding Operational Directive (BOD) 22-01, "Reducing the Significant Risk of Known Exploited Vulnerabilities", which requires agencies to remediate each cataloged vulnerability by the due date CISA assigns to its catalog entry.

BOD 22-01 established the KEV Catalog as a living list of Common Vulnerabilities and Exposures (CVE) entries that carry significant risk to the federal enterprise. It compels Federal Civilian Executive Branch agencies to remediate each listed CVE by its due date in order to protect their networks from active exploitation.

While BOD 22-01 applies only to Federal Civilian Executive Branch (FCEB) agencies, CISA strongly urges all organizations, whatever their sector, to prioritize timely remediation of cataloged vulnerabilities as part of their vulnerability management practice. Because every catalog entry is confirmed exploited in the wild, the KEV list is a practical first filter for patch prioritization even where no directive applies.
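
CISA publishes the catalog as a JSON feed, and the practical way to act on an addition like this one is to match the feed against your own asset inventory and sort by due date. The following added example (written for this page, not CISA tooling) does that over a constructed fragment in the shape of the real feed: the field names are the feed's, but the descriptions are abbreviated and the `dateAdded`/`dueDate` values are placeholders rather than the catalog's own. The inventory list is also constructed.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed. Field names match the
# real feed; descriptions are abbreviated and the dates are placeholders.
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "sample",
    "count": 4,
    "vulnerabilities": [
        {"cveID": "CVE-2025-4427", "vendorProject": "Ivanti",
         "product": "Endpoint Manager Mobile (EPMM)",
         "vulnerabilityName": "Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability",
         "dateAdded": "2025-05-19", "shortDescription": "Authentication bypass.",
         "requiredAction": "Apply mitigations per vendor instructions.",
         "dueDate": "2025-06-09", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
        {"cveID": "CVE-2025-4428", "vendorProject": "Ivanti",
         "product": "Endpoint Manager Mobile (EPMM)",
         "vulnerabilityName": "Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability",
         "dateAdded": "2025-05-19", "shortDescription": "Code injection.",
         "requiredAction": "Apply mitigations per vendor instructions.",
         "dueDate": "2025-06-09", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
        {"cveID": "CVE-2024-27443", "vendorProject": "Synacor",
         "product": "Zimbra Collaboration Suite (ZCS)",
         "vulnerabilityName": "Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability",
         "dateAdded": "2025-05-19", "shortDescription": "Cross-site scripting.",
         "requiredAction": "Apply mitigations per vendor instructions.",
         "dueDate": "2025-06-09", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
        {"cveID": "CVE-2023-38950", "vendorProject": "ZKTeco",
         "product": "BioTime",
         "vulnerabilityName": "ZKTeco BioTime Path Traversal Vulnerability",
         "dateAdded": "2025-05-19", "shortDescription": "Path traversal.",
         "requiredAction": "Apply mitigations per vendor instructions.",
         "dueDate": "2025-06-09", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
    ],
})

# Constructed inventory: (vendor, product) pairs as they appear in your CMDB.
INVENTORY = [("Ivanti", "Endpoint Manager Mobile"), ("Synacor", "Zimbra")]


def load_catalog(text: str) -> list:
    """Parse the feed and return its 'vulnerabilities' array."""
    return json.loads(text)["vulnerabilities"]


def matches_inventory(entry: dict, inventory: list) -> bool:
    """Case-insensitive substring match of (vendor, product) pairs against an entry.
    Substring matching is deliberate: feed names carry suffixes like '(EPMM)'."""
    vendor = entry["vendorProject"].lower()
    product = entry["product"].lower()
    return any(v.lower() in vendor and p.lower() in product for v, p in inventory)


def triage(catalog_text: str, inventory: list, today) -> list:
    """Return the KEV entries that apply to the inventory, earliest deadline first,
    with the days remaining until the BOD 22-01 due date (negative means overdue).
    `today` may be a date or an ISO-8601 string."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    rows = []
    for e in load_catalog(catalog_text):
        if not matches_inventory(e, inventory):
            continue
        days_left = (date.fromisoformat(e["dueDate"]) - today).days
        rows.append({
            "cveID": e["cveID"],
            "name": e["vulnerabilityName"],
            "dueDate": e["dueDate"],
            "days_left": days_left,
            "overdue": days_left < 0,
            "ransomware": e["knownRansomwareCampaignUse"] == "Known",
        })
    rows.sort(key=lambda r: (r["dueDate"], r["cveID"]))
    return rows


if __name__ == "__main__":
    for r in triage(KEV_SAMPLE, INVENTORY, date.today()):
        state = "OVERDUE" if r["overdue"] else f"{r['days_left']} days left"
        flag = " [ransomware use known]" if r["ransomware"] else ""
        print(f"{r['cveID']}: due {r['dueDate']} ({state}){flag}")
```

To run this against the live catalog, replace `KEV_SAMPLE` with the body of https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json and feed it your real inventory; the `knownRansomwareCampaignUse` flag is worth surfacing because it is CISA's own marker for entries tied to ransomware activity.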

In summary, the addition of these six vulnerabilities to the KEV Catalog reflects CISA's continuing effort to identify and drive remediation of flaws that are being exploited now, particularly against federal entities. Under BOD 22-01, agencies must remediate each entry by its due date and should treat the catalog as an input to regular vulnerability assessment rather than a one-off alert. CISA will keep adding entries that meet its criteria, which is why the catalog belongs in every organization's patch-prioritization process, not only in federal ones.
