CISA updates Known Exploited Vulnerabilities Catalog with CVE-2025-54948

CISA has updated its Known Exploited Vulnerabilities (KEV) Catalog by including a new vulnerability based on evidence of active exploitation. This addition is crucial for IT decision-makers as it highlights ongoing risks in the cybersecurity landscape.

New Vulnerability Entry

The recently added vulnerability is identified as CVE-2025-54948, which is associated with the Trend Micro Apex One Operating System (OS) Command Injection. Such vulnerabilities are known attack vectors for cybercriminals, presenting substantial risks to governmental networks.

Regulatory Context

The Binding Operational Directive (BOD) 22-01 established the KEV Catalog as an essential resource for identifying significant Common Vulnerabilities and Exposures (CVE) (CVEs). This directive mandates that Federal Civilian Executive Branch agencies remediate identified vulnerabilities promptly to safeguard their networks from active threats.

Broader Recommendations

While BOD 22-01 specifically applies to Federal Civilian Executive Branch agencies, CISA encourages all organizations to prioritize the remediation of KEV Catalog vulnerabilities. Timely addressing these issues is a recommended practice within vulnerability management frameworks.

This update serves as a timely reminder for organizations to stay vigilant regarding cybersecurity threats and to take action against known vulnerabilities. This summary reflects a fact-based overview of the original blog post regarding the new entry into CISA's vulnerability catalog.