CISA adds three known exploited vulnerabilities to catalog

The Cybersecurity and Infrastructure Security Agency has incorporated three additional vulnerabilities into its Known Exploited Vulnerabilities (KEV) Catalog following verified instances of exploitation. These vulnerabilities affect WatchGuard Firebox, Gladinet Triofox, and Microsoft Windows systems and involve out-of-bounds write, improper access control, and race condition flaws respectively, with potential impacts on enterprise security.

The vulnerabilities added are CVE-2025-9242, an out-of-bounds write issue in WatchGuard Firebox; CVE-2025-12480, an improper access control vulnerability in Gladinet Triofox; and CVE-2025-62215, a race condition vulnerability in Microsoft Windows. All three have been observed under active exploitation. The catalog is a living list of Common Vulnerabilities and Exposures (CVE) entries that pose significant risk to federal systems.

Exploitation of these vulnerabilities can allow unauthorized actions or disrupt affected services. Because exploitation has been confirmed in the wild, the risk to network integrity and information security is concrete for federal agencies and for any other organization running the affected products.

Under Binding Operational Directive (BOD) 22-01, federal agencies must remediate cataloged vulnerabilities by the prescribed due dates to protect their networks. The directive establishes a vulnerability management process focused on reducing exposure to identified threats. Entries such as these are added whenever the catalog's criteria for known exploitation are met.

Although BOD 22-01 applies only to the Federal Civilian Executive Branch, all organizations are encouraged to build prioritization of catalog vulnerabilities into their vulnerability management practice. CISA will continue to add vulnerabilities to the KEV Catalog as new ones meeting the established criteria are identified.
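As an added example (not part of the original notice), the following Python script shows one way to act on that recommendation: it matches catalog entries against an asset inventory and orders exposed assets by remediation due date. The feed field names, the inventory, and the due dates are constructed assumptions, not values taken from this page.

```python
import json
from datetime import date

# Constructed sample shaped like the KEV JSON feed. The field names (cveID,
# vendorProject, product, dueDate) are an assumption about the feed layout;
# the due dates are placeholders, not values from the catalog.
KEV_SAMPLE = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2025-9242", "vendorProject": "WatchGuard", "product": "Firebox",
     "vulnerabilityName": "Out-of-Bounds Write", "dueDate": "2025-12-03"},
    {"cveID": "CVE-2025-12480", "vendorProject": "Gladinet", "product": "Triofox",
     "vulnerabilityName": "Improper Access Control", "dueDate": "2025-12-03"},
    {"cveID": "CVE-2025-62215", "vendorProject": "Microsoft", "product": "Windows",
     "vulnerabilityName": "Race Condition", "dueDate": "2025-12-02"},
]})

# Constructed asset inventory, with vendor/product strings as an asset tool might export them.
INVENTORY = [
    {"host": "fw-edge-01", "vendor": "WatchGuard", "product": "Firebox M270"},
    {"host": "files-01", "vendor": "Gladinet Inc", "product": "Triofox"},
    {"host": "ws-042", "vendor": "Microsoft", "product": "Windows 11"},
    {"host": "db-01", "vendor": "Oracle", "product": "Linux"},
]

def load_kev(text):
    """Parse the feed text into a {cveID: entry} dictionary."""
    return {v["cveID"]: v for v in json.loads(text)["vulnerabilities"]}

def asset_matches(entry, asset):
    """Loose match: the catalog vendor and product both appear in the asset's fields."""
    vendor = entry["vendorProject"].lower()
    product = entry["product"].lower()
    return vendor in asset["vendor"].lower() and product in asset["product"].lower()

def prioritize(kev, inventory, today_iso):
    """Return exposed assets ordered by remediation deadline, with days remaining."""
    today = date.fromisoformat(today_iso)
    findings = []
    for cve, entry in kev.items():
        due = date.fromisoformat(entry["dueDate"])
        for asset in inventory:
            if asset_matches(entry, asset):
                findings.append({"host": asset["host"], "cve": cve,
                                 "due": entry["dueDate"],
                                 "days_left": (due - today).days})
    return sorted(findings, key=lambda f: (f["days_left"], f["host"]))

if __name__ == "__main__":
    for finding in prioritize(load_kev(KEV_SAMPLE), INVENTORY, "2025-11-20"):
        print(finding)
```

Swapping `KEV_SAMPLE` for the downloaded catalog feed and `INVENTORY` for an export from a CMDB or asset scanner turns this into a daily KEV exposure report.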