

Ethical Hacking News

The U.S. Cybersecurity Landscape Takes a Turn for the Worse: A Collective Response to the Increasing Threat of Exploitable Vulnerabilities



The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added several actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, underlining the need for prompt remediation by federal agencies and private-sector organizations alike. Tracking these additions and patching the affected products quickly is one of the most effective ways an organization can reduce its exposure to attacks that are already underway.

  • CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
  • CVE-2019-19006 is an improper-authentication flaw in Sangoma FreePBX that lets an unauthenticated attacker gain administrative access to the PBX web interface.
  • CVE-2021-39935 is a Server-Side Request Forgery (SSRF) flaw in GitLab Community and Enterprise Editions.
  • CVE-2025-40551 is a deserialization-of-untrusted-data flaw in SolarWinds Web Help Desk that allows remote code execution.
  • CVE-2025-64328 is an authenticated OS command injection flaw in Sangoma FreePBX that runs attacker-supplied commands as the asterisk user.
  • CISA has ordered federal agencies to remediate the identified vulnerabilities by the due dates set in the catalog.
  • Private organizations are advised to review the KEV catalog and apply the same remediations to mitigate the risk.



    The United States Cybersecurity and Infrastructure Security Agency (CISA) maintains the Known Exploited Vulnerabilities (KEV) catalog, a list of vulnerabilities in widely used products for which there is reliable evidence of active exploitation in the wild. An addition to the catalog signals that a flaw has moved from theoretical to exploited, and it carries a remediation deadline for federal civilian agencies that private-sector organizations are encouraged to treat as a benchmark for their own patching.

    Four vulnerabilities have been added to the catalog in this batch. The first, CVE-2019-19006, affects Sangoma FreePBX and is an improper-authentication flaw that lets an attacker obtain full administrative access without valid credentials: an unauthenticated user can take control of the PBX web interface, change configurations, read call logs and manage users without knowing any password.

    The second, CVE-2021-39935, is a Server-Side Request Forgery (SSRF) flaw in GitLab Community and Enterprise Editions. SSRF lets an attacker make the GitLab server issue requests on their behalf to internal services that are not reachable from the outside, and the responses can expose sensitive data. Researchers have reported an uptick in exploitation attempts from multiple unique source IPs; the pattern suggests automated scanning or pre-compromise reconnaissance rather than typical botnet traffic.

    The third, CVE-2025-40551, is a deserialization-of-untrusted-data flaw in SolarWinds Web Help Desk. It lets an unauthenticated attacker execute arbitrary code on the underlying host, which can lead to complete compromise of the affected server.

    The fourth, CVE-2025-64328, is an OS command injection flaw in Sangoma FreePBX. An attacker who has already authenticated to the web interface can inject arbitrary operating system commands through the testconnection function, and they execute with the privileges of the asterisk user. This can lead to full server takeover, data theft, or use of the system as a pivot into the wider network.
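    The class of bug described above, shown as an added example in Python rather than in FreePBX's PHP: this is not the project's testconnection code and it asserts nothing about how that function is written. It is a generic connectivity check that interpolates a user-supplied host into a shell command line, placed beside an argv-only variant and a hardened version with allow-list validation. The function names, the hostname regex and the use of echo as a stand-in for a real network tool are assumptions made for the demonstration.

```python
"""Command injection in a host-connectivity check: vulnerable pattern and fix.

Added example, a generic illustration only: this is not FreePBX's testconnection
code and asserts nothing about how that function is written. `echo` stands in
for the real network tool so the demo runs on any POSIX system with /bin/sh.
"""
import re
import subprocess

# Hostnames/IPv4 literals only: alphanumerics, dots and hyphens, no leading hyphen
# (so the value can never be parsed as an option flag by the tool it is passed to).
HOST_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?$")


def check_host_vulnerable(host: str) -> str:
    """Interpolates untrusted input into a shell command line and runs it via /bin/sh.
    Anything after ';', '|', '&&', '$(...)' or a backtick becomes a second command."""
    cmd = f"echo checking {host}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True, check=False).stdout


def check_host_argv_only(host: str) -> str:
    """No shell: the host is a single argv element, so shell metacharacters are inert.
    Still unsafe for tools that parse options, because a value such as '-f' passes through."""
    return subprocess.run(["echo", "checking", host], capture_output=True, text=True, check=False).stdout


def check_host_hardened(host: str) -> str:
    """Allow-list validation plus argv form: rejects metacharacters and leading dashes."""
    if not HOST_RE.fullmatch(host):
        raise ValueError(f"invalid host: {host!r}")
    return check_host_argv_only(host)


def hardened_rejects(host: str) -> bool:
    """True if the hardened check refuses the input."""
    try:
        check_host_hardened(host)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    payload = "127.0.0.1; echo INJECTED"   # constructed attacker input
    print("vulnerable:", check_host_vulnerable(payload).splitlines())
    print("argv only :", check_host_argv_only(payload).splitlines())
    print("hardened  :", "rejected" if hardened_rejects(payload) else check_host_hardened(payload))
```

    The argv form alone stops shell metacharacters but not argument injection, which is why the hardened version also allow-lists the value instead of trying to escape it. Whatever runs here executes as the web application's service account (the asterisk user in the FreePBX case), so the blast radius of a successful injection is that account's privileges plus everything reachable from the host.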

    Federal civilian agencies are required, under CISA's Binding Operational Directive 22-01, to remediate each newly listed vulnerability by the due date assigned in the catalog. Private organizations are advised to review the catalog and remediate the same flaws in their own infrastructure: a CVE's presence in KEV means exploitation is already occurring, so it should be prioritized ahead of vulnerabilities ranked only by CVSS score.
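    One way to turn the advice above into a routine check, as an added example that is not CISA's or the article's code: the script parses a KEV feed document, cross-references it against a software inventory and reports how many days remain before each due date. The JSON below is a constructed sample in the shape of CISA's published known_exploited_vulnerabilities.json (the field names cveID, vendorProject, product, dateAdded, dueDate and knownRansomwareCampaignUse are the real ones); its dates are placeholders, not the catalog's actual deadlines, and the inventory hosts are invented.

```python
"""Cross-reference a CISA KEV feed against a local software inventory.

Added example, not CISA's or the article's code. SAMPLE_KEV_JSON is a constructed
document in the shape of CISA's known_exploited_vulnerabilities.json feed: the
field names are the real ones (the live feed also carries vulnerabilityName,
shortDescription, requiredAction and notes), but the dates and the inventory
hosts are placeholders invented for this example.
"""
import json
import urllib.request
from datetime import date

KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"

# Constructed sample feed; dueDate values are invented, not the catalog's real deadlines.
SAMPLE_KEV_JSON = """{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "catalogVersion": "sample",
  "count": 4,
  "vulnerabilities": [
    {"cveID": "CVE-2019-19006", "vendorProject": "Sangoma", "product": "FreePBX",
     "dateAdded": "2026-02-03", "dueDate": "2026-02-24", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2025-64328", "vendorProject": "Sangoma", "product": "FreePBX",
     "dateAdded": "2026-02-03", "dueDate": "2026-02-24", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2021-39935", "vendorProject": "GitLab", "product": "Community and Enterprise Editions",
     "dateAdded": "2026-01-15", "dueDate": "2026-02-05", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2025-40551", "vendorProject": "SolarWinds", "product": "Web Help Desk",
     "dateAdded": "2026-02-03", "dueDate": "2026-02-24", "knownRansomwareCampaignUse": "Unknown"}
  ]
}"""

# Constructed inventory; product names already follow KEV's vendorProject/product naming.
INVENTORY = [
    {"host": "pbx01.corp.example", "vendorProject": "Sangoma", "product": "FreePBX"},
    {"host": "git.corp.example", "vendorProject": "GitLab", "product": "Community and Enterprise Editions"},
    {"host": "helpdesk.corp.example", "vendorProject": "SolarWinds", "product": "SolarWinds Web Help Desk 12.8"},
    {"host": "web01.corp.example", "vendorProject": "Apache", "product": "HTTP Server"},
]


def load_kev(raw_json: str) -> list[dict]:
    """Parse a KEV feed document and return its vulnerability entries."""
    return json.loads(raw_json)["vulnerabilities"]


def fetch_kev(url: str = KEV_URL, timeout: int = 30) -> list[dict]:
    """Download the live catalog (needs network access; not exercised offline)."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return load_kev(resp.read().decode("utf-8"))


def _norm(text: str) -> str:
    """Lowercase and drop punctuation/spaces so 'Web Help Desk' equals 'web-help-desk'."""
    return "".join(ch for ch in text.lower() if ch.isalnum())


def product_matches(entry: dict, asset: dict) -> bool:
    """Same vendor, and one product name contains the other after normalisation."""
    if _norm(entry["vendorProject"]) != _norm(asset["vendorProject"]):
        return False
    kev_product, asset_product = _norm(entry["product"]), _norm(asset["product"])
    if not kev_product or not asset_product:   # an empty name must never match everything
        return False
    return kev_product in asset_product or asset_product in kev_product


def days_until(due: str, today: date) -> int:
    """Days from today to the KEV dueDate; negative means the deadline has passed."""
    return (date.fromisoformat(due) - today).days


def match_inventory(entries: list[dict], inventory: list[dict], today: date) -> list[dict]:
    """Return one record per (KEV entry, asset) pair, most urgent first."""
    hits = []
    for entry in entries:
        for asset in inventory:
            if product_matches(entry, asset):
                hits.append({
                    "cveID": entry["cveID"],
                    "host": asset["host"],
                    "dueDate": entry["dueDate"],
                    "daysLeft": days_until(entry["dueDate"], today),
                    "ransomware": entry.get("knownRansomwareCampaignUse", "Unknown"),
                })
    hits.sort(key=lambda h: (h["daysLeft"], h["cveID"], h["host"]))
    return hits


def report(hits: list[dict]) -> list[str]:
    """Format hits as one line each, suitable for a ticket or a cron mail."""
    lines = []
    for h in hits:
        status = f"OVERDUE by {-h['daysLeft']}d" if h["daysLeft"] < 0 else f"due in {h['daysLeft']}d"
        lines.append(f"{h['cveID']:<16} {h['host']:<24} {h['dueDate']}  {status}  ransomware={h['ransomware']}")
    return lines


if __name__ == "__main__":
    for line in report(match_inventory(load_kev(SAMPLE_KEV_JSON), INVENTORY, date(2026, 2, 10))):
        print(line)
```

    KEV entries carry no version information, so a vendor/product match is a candidate to confirm against the vendor advisory and the host's patch level, not a verdict. Mapping inventory names onto KEV's vendorProject and product strings is the fiddly part in practice, which is why the sample inventory already uses KEV naming; fetch_kev() pulls the live feed when network access is available.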

    New entries arrive in the catalog frequently, so checking it should be a routine part of vulnerability management rather than a one-off response to headlines. CISA's additions are a reminder that the vulnerabilities attackers are actually using, not the ones with the highest severity scores, are the ones to fix first.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/The-US-Cybersecurity-Landscape-Takes-a-Turn-for-the-Worse-A-Collective-Response-to-the-Increasing-Threat-of-Exploitable-Vulnerabilities-ehn.shtml

  • Published: Tue Feb 3 20:57:23 2026 by llama3.2 3B Q4_K_M

    © Ethical Hacking News . All rights reserved.
