CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List

Summary: The U.S. Cybersecurity and Infrastructure Security Agency has added five critical vulnerabilities to its Known Exploited Vulnerabilities catalog, affecting Advantive VeraCore and Ivanti Endpoint Manager. These vulnerabilities, actively exploited by threat actors, include file upload and SQL injection flaws in Advantive and multiple path traversal issues in Ivanti. Federal agencies are urged to apply necessary patches by March 31, 2025, to mitigate risks.

Affected: Advantive VeraCore, Ivanti Endpoint Manager

Key points:

  • CVE-2024-57968: Unrestricted file upload vulnerability in Advantive VeraCore.
  • CVE-2025-25181: SQL injection vulnerability allows arbitrary command execution in Advantive VeraCore.
  • Three vulnerabilities (CVE-2024-13159, CVE-2024-13160, CVE-2024-13161) discovered in Ivanti EPM enable sensitive information leakage.
  • Exploitation attributed to the Vietnamese threat actor XE Group.
  • Federal agencies must patch these vulnerabilities by March 31, 2025.

Source: https://thehackernews.com/2025/03/cisa-adds-five-actively-exploited.html