CISA adds one known exploited vulnerability to catalog

CISA has expanded its Known Exploited Vulnerabilities (KEV) Catalog with an entry concerning a security flaw in the Motex LANSCOPE Endpoint Manager. This vulnerability involves improper verification processes within communication channels and carries risks related to active cyber exploitation.

The identified vulnerability, registered as CVE-2025-61932, affects the Motex LANSCOPE Endpoint Manager by failing to correctly verify the origin of communications. The issue pertains specifically to how the system manages established communication channels, allowing potential exploitation under certain conditions. This addition to the KEV is based on instances of ongoing exploitation noted by CISA.

The consequences of this vulnerability include exposure to attacks through compromised communication channels within the affected management software. Such exposure could facilitate unauthorized interactions or control, as explicit in the advisory.

To address this security concern, CISA has incorporated the vulnerability into its KEV Catalog, offering a framework for remediation. Federal Civilian Executive Branch (FCEB) agencies are required to remediate this and other listed vulnerabilities under Binding Operational Directive (BOD) 22-01 to mitigate real-world threats.

The BOD 22-01 establishes the KEV Catalog as a dynamic repository of CVEs that present substantial risk to federal information systems. It mandates that FCEB entities resolve these known vulnerabilities by specified deadlines to safeguard federal networks. While compliance is obligatory for federal agencies, CISA recommends that all organizations prioritize management of KEV-listed vulnerabilities within their cybersecurity protocols to diminish exposure to similar exploits.