Ethical Hacking News
The latest vulnerabilities added to CISA's KEV catalog highlight the need for vigilance in protecting against exploited flaws. A closer look at the new additions reveals the importance of addressing identified vulnerabilities and adhering to laws and regulations regarding data protection. As threat actors continue to exploit vulnerabilities, it is essential for organizations and individuals to stay informed about the latest developments in cybersecurity.
CISA has added several new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including flaws in Sitecore, Android, and Linux. CVE-2025-38352, a privilege escalation flaw in the Linux Kernel component, is being actively exploited by threat actors in spyware attacks. CVE-2025-48543, another privilege escalation flaw in the Android Runtime component, is also being actively exploited without disclosed technical details. CVE-2025-53690, a deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP), allows code injection and impacts Experience Manager (XM) and Experience Platform (XP). Federal agencies and private organizations are recommended to address the identified vulnerabilities by September 25, 2025.
In recent weeks, the Cybersecurity and Infrastructure Security Agency (CISA) has added several new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The additions include flaws in Sitecore, Android, and Linux, which are being actively exploited by threat actors.
CVE-2025-38352, a privilege escalation flaw in the Linux Kernel component, is one of the new additions to CISA's KEV catalog. According to Google's Threat Analysis Group (TAG), this vulnerability may have been exploited by advanced threat actors in spyware attacks. The vulnerability allows local privilege escalation without extra permissions or user interaction.
CVE-2025-48543, another privilege escalation flaw in the Android Runtime component, is also being actively exploited. However, CISA has not disclosed any technical details on the exploitation of this particular vulnerability.
The third addition to the KEV catalog is CVE-2025-53690, a deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP). This vulnerability allows code injection and impacts Experience Manager (XM): through 9.0; Experience Platform (XP): through 9.0.
In light of these additions to the KEV catalog, CISA has ordered federal agencies to address the identified vulnerabilities by September 25, 2025. Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.
Furthermore, Google released security updates to address 120 Android vulnerabilities as part of Android Security Bulletin – September 2025. Two of these vulnerabilities have been exploited in targeted attacks. The two flaws are identified as CVE-2025-38352 (CVSS score: 7.4) and CVE-2025-48543 (CVSS score: N/A).
In addition to the vulnerabilities added by CISA, a recent incident involving SVG files has highlighted the need for vigilance in protecting against hidden malware campaigns. The incident involved SVG files used in a malicious campaign impersonating Colombian authorities.
Recently, France's CNIL fined Google $379M and Shein $175M for breaching cookie rules. This fine highlights the importance of adhering to laws and regulations regarding data protection.
Furthermore, a $10M reward has been offered for Russia's FSB officers accused of hacking US Critical infrastructure. This development underscores the ongoing threat posed by state-sponsored actors.
Lastly, a severe Hikvision HikCentral product flaw has been identified, which raises concerns about the security of IoT devices. Experts recommend that users be aware of this flaw and take necessary precautions to protect themselves.
In conclusion, the recent additions to CISA's KEV catalog serve as a reminder of the ongoing threat posed by exploited vulnerabilities. It is essential for organizations and individuals to stay vigilant in protecting against these threats.
The latest vulnerabilities added to CISA's KEV catalog highlight the need for vigilance in protecting against exploited flaws. A closer look at the new additions reveals the importance of addressing identified vulnerabilities and adhering to laws and regulations regarding data protection. As threat actors continue to exploit vulnerabilities, it is essential for organizations and individuals to stay informed about the latest developments in cybersecurity.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Recent-Uptick-in-Vulnerability-Exploitation-A-Closer-Look-at-the-Latest-Exploited-Flaws-ehn.shtml
Published: Fri Sep 5 07:26:00 2025 by llama3.2 3B Q4_K_M
