The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added several vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including CVE-2021-21311, CVE-2025-20352, CVE-2025-10035, CVE-2025-59689, and CVE-2025-32463. These additions highlight the ongoing threat landscape in cybersecurity and emphasize the importance of keeping software up-to-date with the latest patches to prevent exploitation by malicious actors.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added several vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, a move that highlights the ongoing threat landscape in the world of cybersecurity. The additions include CVE-2021-21311, CVE-2025-20352, CVE-2025-10035, CVE-2025-59689, and CVE-2025-32463, each with its unique set of characteristics and potential impact on organizations.
CVE-2021-21311 is a Server-Side Request Forgery (SSRF) vulnerability in Adminer, a popular open-source database management tool. This flaw allows an attacker to redirect the admin user to a malicious URL, potentially leading to unauthorized access or data exposure. The vulnerability has been reported by various sources, and organizations are advised to upgrade to the latest version of Adminer to mitigate the risk.
CVE-2025-20352 is a stack-based buffer overflow vulnerability in Cisco IOS and IOS XE Software, which can lead to remote authenticated attacks with low privileges or even root code execution on high-privilege devices. This flaw was identified by Cisco's Product Security Incident Response Team (PSIRT), which has reported several incidents involving this vulnerability in the wild. Organizations running Cisco devices are urged to apply patches as soon as possible to prevent exploitation.
CVE-2025-10035 is a deserialization vulnerability in Fortra's GoAnywhere MFT software, which can allow an attacker to execute arbitrary commands on affected systems. This flaw was discovered by watchTowr Labs and has been confirmed to have been actively exploited in attacks as early as September 10, 2025, more than a week before it was publicly disclosed. Organizations using Fortra's GoAnywhere MFT are advised to upgrade to the latest version or implement mitigating controls to prevent exploitation.
CVE-2025-59689 is a command injection vulnerability in Libraesva's Email Security Gateway, which can allow attackers to run arbitrary commands as a non-privileged user due to improper sanitization of code. This flaw was identified by nation-state actors who have reportedly exploited it in at least one incident. Organizations using Libraesva's Email Security Gateway are urged to apply patches and restrict public access to the admin console to prevent exploitation.
CVE-2025-32463 is an Inclusion of Functionality from Untrusted Control Sphere vulnerability in Sudo, which can allow local attackers to escalate privileges to root on affected systems. This flaw was also discovered by watchTowr Labs and has been confirmed to have been actively exploited in attacks as early as September 10, 2025. Organizations using Sudo are advised to upgrade to the latest version or implement mitigating controls to prevent exploitation.
The addition of these vulnerabilities to the KEV catalog highlights the ongoing threat landscape in the world of cybersecurity and emphasizes the importance of keeping software up-to-date with the latest patches. Organizations must take proactive steps to address these vulnerabilities and ensure the security of their networks against potential attacks exploiting these flaws.
Furthermore, the recent exploits of these vulnerabilities demonstrate the growing sophistication and capabilities of nation-state actors and other threat groups. As organizations continue to rely on software and systems that are vulnerable to exploitation, it is essential for them to stay vigilant and proactive in addressing these threats.
In conclusion, the addition of these vulnerabilities to the KEV catalog serves as a reminder of the ongoing importance of cybersecurity in today's digital landscape. Organizations must prioritize the implementation of robust security controls, regular patching, and employee education to mitigate the risk of exploitation by malicious actors.
As cyber threats continue to evolve, it is essential for organizations to stay informed about the latest vulnerabilities and exploits. By doing so, they can take proactive steps to protect their networks and systems against potential attacks.
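One way to act on new KEV additions, shown as an added example that is not from the original article or from CISA: match a software inventory against KEV entries and report only the CVEs not yet triaged. The catalog excerpt, inventory, host names, function name and the name-only matching rule are assumptions made for illustration.

```python
import json

# Constructed excerpt in the field layout of CISA's KEV JSON feed (cveID,
# vendorProject, product). CVE IDs and product names come from the article.
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2021-21311", "vendorProject": "Adminer", "product": "Adminer"},
  {"cveID": "CVE-2025-20352", "vendorProject": "Cisco", "product": "IOS and IOS XE"},
  {"cveID": "CVE-2025-10035", "vendorProject": "Fortra", "product": "GoAnywhere MFT"},
  {"cveID": "CVE-2025-59689", "vendorProject": "Libraesva", "product": "Email Security Gateway"},
  {"cveID": "CVE-2025-32463", "vendorProject": "Sudo", "product": "Sudo"}
]}
""")

# Constructed asset inventory: host -> list of (vendor, product) installed.
INVENTORY = {
    "dbadmin-01": [("Adminer", "Adminer"), ("Sudo", "sudo")],
    "edge-rtr-02": [("Cisco", "IOS XE")],
    "xfer-03": [("Fortra", "GoAnywhere MFT")],
    "web-04": [("nginx", "nginx")],
}


def new_kev_hits(catalog, inventory, already_triaged=frozenset()):
    """Return sorted (host, cveID) pairs for inventory items named in the
    catalog, skipping CVEs that were handled in an earlier run."""
    hits = set()
    for entry in catalog["vulnerabilities"]:
        if entry["cveID"] in already_triaged:
            continue
        kev_vendor = entry["vendorProject"].lower()
        kev_product = entry["product"].lower()
        for host, software in inventory.items():
            for vendor, product in software:
                name = product.lower()
                # Assumption: name-only match. KEV product strings can cover
                # several products ("IOS and IOS XE"), so accept containment.
                if vendor.lower() == kev_vendor and (
                    name in kev_product or kev_product in name
                ):
                    hits.add((host, entry["cveID"]))
    return sorted(hits)


if __name__ == "__main__":
    for host, cve in new_kev_hits(KEV_SAMPLE, INVENTORY, {"CVE-2021-21311"}):
        print(f"{host}: {cve} is in KEV, check installed version against the vendor advisory")
```

A hit here only means the product name appears in KEV; whether the installed version is affected still has to be confirmed from the vendor advisory.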