|
1 | 1 | { |
2 | 2 | "title": "CISA Catalog of Known Exploited Vulnerabilities", |
3 | | - "catalogVersion": "2025.09.25", |
4 | | - "dateReleased": "2025-09-25T16:17:38.0447Z", |
5 | | - "count": 1417, |
| 3 | + "catalogVersion": "2025.09.29", |
| 4 | + "dateReleased": "2025-09-29T20:00:02.7721Z", |
| 5 | + "count": 1422, |
6 | 6 | "vulnerabilities": [ |
| 7 | + { |
| 8 | + "cveID": "CVE-2025-32463", |
| 9 | + "vendorProject": "Sudo", |
| 10 | + "product": "Sudo", |
| 11 | + "vulnerabilityName": "Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability", |
| 12 | + "dateAdded": "2025-09-29", |
| 13 | + "shortDescription": "Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow local attacker to leverage sudo\u2019s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.", |
| 14 | + "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", |
| 15 | + "dueDate": "2025-10-20", |
| 16 | + "knownRansomwareCampaignUse": "Unknown", |
| 17 | + "notes": "This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https:\/\/www.sudo.ws\/security\/advisories\/chroot_bug\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-32463", |
| 18 | + "cwes": [ |
| 19 | + "CWE-829" |
| 20 | + ] |
| 21 | + }, |
| 22 | + { |
| 23 | + "cveID": "CVE-2025-59689", |
| 24 | + "vendorProject": "Libraesva", |
| 25 | + "product": "Email Security Gateway", |
| 26 | + "vulnerabilityName": "Libraesva Email Security Gateway Command Injection Vulnerability", |
| 27 | + "dateAdded": "2025-09-29", |
| 28 | + "shortDescription": "Libraesva Email Security Gateway (ESG) contains a command injection vulnerability which allows command injection via a compressed e-mail attachment.", |
| 29 | + "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", |
| 30 | + "dueDate": "2025-10-20", |
| 31 | + "knownRansomwareCampaignUse": "Unknown", |
| 32 | + "notes": "https:\/\/docs.libraesva.com\/knowledgebase\/security-advisory-command-injection-vulnerability-cve-2025-59689\/ ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-59689", |
| 33 | + "cwes": [ |
| 34 | + "CWE-77" |
| 35 | + ] |
| 36 | + }, |
| 37 | + { |
| 38 | + "cveID": "CVE-2025-10035", |
| 39 | + "vendorProject": "Fortra", |
| 40 | + "product": "GoAnywhere MFT", |
| 41 | + "vulnerabilityName": "Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability", |
| 42 | + "dateAdded": "2025-09-29", |
| 43 | + "shortDescription": "Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.", |
| 44 | + "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", |
| 45 | + "dueDate": "2025-10-20", |
| 46 | + "knownRansomwareCampaignUse": "Unknown", |
| 47 | + "notes": "https:\/\/www.fortra.com\/security\/advisories\/product-security\/fi-2025-012 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-10035", |
| 48 | + "cwes": [ |
| 49 | + "CWE-502", |
| 50 | + "CWE-77" |
| 51 | + ] |
| 52 | + }, |
| 53 | + { |
| 54 | + "cveID": "CVE-2025-20352", |
| 55 | + "vendorProject": "Cisco", |
| 56 | + "product": "IOS and IOS XE", |
| 57 | + "vulnerabilityName": "Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability", |
| 58 | + "dateAdded": "2025-09-29", |
| 59 | + "shortDescription": "Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denial of service or remote code execution. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.", |
| 60 | + "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", |
| 61 | + "dueDate": "2025-10-20", |
| 62 | + "knownRansomwareCampaignUse": "Unknown", |
| 63 | + "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-snmp-x4LPhte ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-20352", |
| 64 | + "cwes": [ |
| 65 | + "CWE-121" |
| 66 | + ] |
| 67 | + }, |
| 68 | + { |
| 69 | + "cveID": "CVE-2021-21311", |
| 70 | + "vendorProject": "Adminer", |
| 71 | + "product": "Adminer", |
| 72 | + "vulnerabilityName": "Adminer Server-Side Request Forgery Vulnerability", |
| 73 | + "dateAdded": "2025-09-29", |
| 74 | + "shortDescription": "Adminer contains a server-side request forgery vulnerability that, when exploited, allows a remote attacker to obtain potentially sensitive information.", |
| 75 | + "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", |
| 76 | + "dueDate": "2025-10-20", |
| 77 | + "knownRansomwareCampaignUse": "Unknown", |
| 78 | + "notes": "https:\/\/github.com\/vrana\/adminer\/security\/advisories\/GHSA-x5r2-hj5c-8jx6 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-21311", |
| 79 | + "cwes": [ |
| 80 | + "CWE-918" |
| 81 | + ] |
| 82 | + }, |
7 | 83 | { |
8 | 84 | "cveID": "CVE-2025-20362", |
9 | 85 | "vendorProject": "Cisco", |
|