CISA – MCYSEKA-Maritime Cyber Security Knowledge Archive

U.S. CISA adds a Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium V8 flaw, tracked as CVE-2025-13223, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Google released Chrome security updates to address two flaws, including a high-severity V8 type confusion […]

November 20, 2025

0 comment

Fortinet Issues Fixes as FortiWeb Takeover Flaw Sees Active Attacks

Two FortiWeb vulnerabilities, including a critical unauthenticated bypass (CVE-2025-64446), are under attack. Check logs for rogue admin accounts and upgrade immediately.

November 19, 2025

0 comment

U.S. CISA adds a new Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA has added a second Fortinet FortiWeb vulnerability in just a few days to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiWeb flaw, tracked as CVE-2025-58034 (CVSS score of 6.7), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Fortinet patched a new FortiWeb zero-day, tracked […]

November 19, 2025

0 comment

Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034)

Attackers are actively exploiting another FortiWeb vulnerability (CVE-2025-58034) that Fortinet fixed without making its existence public at the time. About CVE-2025-58034 CVE-2025-58034 is an OS Command Injection flaw caused by improper neutralization…

November 19, 2025

0 comment

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiWeb flaw, tracked as CVE-2025-64446 (CVSS score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a relative path traversal issue in Fortinet FortiWeb 8.0.0 […]

November 15, 2025

0 comment

CISA Warns of Active Attacks on Cisco ASA and Firepower Flaws

CISA issues an urgent directive for all organizations to patch Cisco ASA and Firepower devices against CVE-2025-20362 and CVE-2025-20333, exploited in the ArcaneDoor campaign. Verify the correct version now!

November 14, 2025

0 comment

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks

Federal agencies have reported as ‘patched’ ASA or FTD devices running software versions vulnerable to attacks.
The post CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks appeared first on SecurityWeek.

November 13, 2025

0 comment

“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again)

CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and Firepower firewalls. “In CISA’s analysis of agency-reported data, CISA h…

November 13, 2025

0 comment

U.S. CISA adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added WatchGuard Firebox, Microsoft Windows, and Gladinet Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: In mid-October, […]

November 13, 2025

0 comment

CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)

CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian agencies to address it by the start of December. “This type of vulnerabilit…

November 11, 2025

0 comment

1 2 3 … 30