Close Menu
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
What's Hot

See Taylor Swift’s best announcement looks before the wedding rumors

Harry Styles celebrates England’s World Cup victory over Democratic Republic of the Congo at Wembley

Kate Middleton wears Gabriella Hearst suit for Wimbledon 2026

Facebook X (Twitter) Instagram
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
Facebook X (Twitter) Instagram
FYMOUS News
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
FYMOUS News
Home » CISA adds 5 vulnerabilities actively exploited in VERDIVE VERACORE and IVANTI EPM to its KEV list
Celebrities

CISA adds 5 vulnerabilities actively exploited in VERDIVE VERACORE and IVANTI EPM to its KEV list

By March 11, 2025No Comments2 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

March 11, 2025Ravi LakshmananEnterprise Security/Vulnerabilities

The US Cybersecurity and Infrastructure Security Agency (CISA) added five security flaws on Monday, affecting the known Exploited Vulnerabilities (KEV) catalogue based on evidence of active exploitation in the wild.

Here’s the list of vulnerabilities –

CVE-2024-57968 – Unlimited file upload vulnerability that allows non-remote attackers to upload files to unintended folders via Upload.apsx CVE-2025-25181 – SQL Injection Vulnerability in Apsive Veracore The absolute route traversal vulnerability in IVANTI EPM can leak CVE-2024-13160 that allows remote authenticators to leak sensitive information. Unrecognized attackers to leak sensitive information

The exploitation of Veracore’s vulnerability is attributed to the likely Vietnamese threat actor named XE Group. This has been observed to drop reverse shells and web shells to maintain permanent remote access to compromised systems.

Cybersecurity

Meanwhile, there are currently no public reports on how the three Ivanti EPM flaws are weaponized in actual attacks. The Proof of Concept (POC) exploit was released last month by Horizon3.AI. Cybersecurity companies describe them as “enforcement certification” bugs, allowing less-known attackers to compromise their servers.

In light of active exploitation, it is essential that federal civil enforcement sector (FCEB) agencies apply the necessary patches by March 31, 2025.

The development comes as threat intelligence company Greynorth warned of the mass exploitation of CVE-2024-4577, a critical vulnerability affecting PHP-CGI.

“Over 43% of IP targeting CVE-2024-4577 in the last 30 days are from Germany and China,” Greynoise said, adding that “we detected coordinated spikes in attempts to exploit networks against multiple countries, suggesting additional automated scans for vulnerable targets in February.”

Did you find this article interesting? Follow us on Twitter and LinkedIn to read exclusive content you post.

Source link

Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous ArticleFormer Philippine President Rodrigo Duterte has been arrested on international warrant Rodrigo Duterte News
Next Article Radiology AI Software Provider Greamer expands to MRI with two M&A transactions

Related Posts

See Taylor Swift’s best announcement looks before the wedding rumors

July 2, 2026

Kate Middleton wears Gabriella Hearst suit for Wimbledon 2026

July 2, 2026

Taylor Swift’s wedding dress and bridal music video look

July 1, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

See Taylor Swift’s best announcement looks before the wedding rumors

Harry Styles celebrates England’s World Cup victory over Democratic Republic of the Congo at Wembley

Kate Middleton wears Gabriella Hearst suit for Wimbledon 2026

What to watch this weekend: Elle Woods returns with British penniless-to-riches story

Trending Posts

See Taylor Swift’s best announcement looks before the wedding rumors

July 2, 2026

Harry Styles celebrates England’s World Cup victory over Democratic Republic of the Congo at Wembley

July 2, 2026

Kate Middleton wears Gabriella Hearst suit for Wimbledon 2026

July 2, 2026

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to The FYMOUS, a modern digital media platform dedicated to celebrities, artists, influencers, brands, entertainment culture, and the growing TwinH ecosystem.

We bring audiences closer to the people, stories, trends, and collaborations shaping today’s culture. From exclusive celebrity news and music releases to influencer highlights, brand partnerships, and TwinH activations, The FYMOUS delivers engaging content designed for the next generation of digital audiences.

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
© 2026 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.