Ethical Hacking News
In a significant update, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting the importance of proactive cybersecurity measures. Two critical flaws, CVE-2022-0492 and CVE-2025-48595, have been identified as a result of active exploitation. Organizations must review their systems and software to ensure they are not affected by these newly added vulnerabilities.
CISA has added four new vulnerabilities to its KEV catalog: CVE-2022-0492, CVE-2025-48595, and two others. CVE-2022-0492 is a Linux kernel vulnerability with a CVSS score of 7.0, allowing local attackers to gain administrative privileges. CVE-2025-48595 affects Android devices running Android 14-16 and has a CVSS score of 8.4, causing code execution and privilege escalation. Google confirms limited targeted exploitation of CVE-2025-48595 and urges users to update their devices immediately. The inclusion of these vulnerabilities highlights the importance of maintaining up-to-date software and regularly monitoring for known exploits.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added a total of four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, which aims to alert federal agencies and private sector organizations about newly discovered flaws that have been actively exploited by attackers. These updates are essential for ensuring the security posture of these organizations, particularly in the face of an increasingly sophisticated threat landscape.
Amongst these additions, two critical vulnerabilities caught the attention of CISA: CVE-2022-0492, a Linux Kernel Improper Authentication Vulnerability with a CVSS score of 7.0, and CVE-2025-48595, an Android Framework Integer Overflow Vulnerability with a CVSS score of 8.4.
CVE-2022-0492 is a privilege escalation flaw affecting the Linux kernel feature called control groups (groups), which limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes. The flaw resides in the cgroups v1 release_agent functionality, which is executed after the termination of any process in the group.
The root cause of this vulnerability lies in the implementation of the cgroups feature in the Linux kernel, which did not properly restrict access to the feature. A local attacker could exploit this vulnerability to gain administrative privileges and escape a container to execute arbitrary commands on the container host.
The discovery of CVE-2022-0492 is attributed to security researchers Yiqi Sun and Kevin Wang.
On the other hand, CVE-2025-48595 affects devices running Android 14, 15, 16, and Android 16 QPR2. According to Google and the Android Security Bulletin, this issue is caused by an integer overflow that can lead to code execution and privilege escalation on a vulnerable device. An attacker could exploit this flaw to gain elevated access to the system without requiring additional privileges.
Google has confirmed that there are indications that this vulnerability is being exploited in what it describes as “limited, targeted exploitation.” Google has urged users to update their devices immediately to patch this vulnerability and mitigate potential threats.
The inclusion of these vulnerabilities in the KEV catalog serves as a reminder to organizations about the importance of maintaining up-to-date software and systems, as well as regularly monitoring for known exploits.
The United States Cybersecurity and Infrastructure Security Agency (CISA) plays an essential role in safeguarding the nation's critical infrastructure by identifying and addressing potential vulnerabilities. The KEV catalog is one of its key tools in this endeavor, providing a centralized platform for organizations to stay informed about newly discovered flaws that have been actively exploited.
In light of this update, it is crucial for private organizations to review their current systems and software to ensure they are not affected by these newly added vulnerabilities. Moreover, federal agencies are also required to address these identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
The recent addition of these four new vulnerabilities to the KEV catalog underscores the need for vigilance and proactive measures to enhance cybersecurity posture. By staying informed about newly discovered flaws and taking swift action to patch vulnerabilities, organizations can significantly reduce the risk of being targeted by malicious actors.
Related Information:
https://www.ethicalhackingnews.com/articles/US-Cybersecurity-and-Infrastructure-Security-Agency-CISA-Adds-Android-and-Linux-Kernel-Flaws-to-Known-Exploited-Vulnerabilities-Catalog-ehn.shtml
https://securityaffairs.com/193067/security/u-s-cisa-adds-android-and-linux-kernel-flaws-to-its-known-exploited-vulnerabilities-catalog.html
https://nvd.nist.gov/vuln/detail/CVE-2022-0492
https://www.cvedetails.com/cve/CVE-2022-0492/
https://nvd.nist.gov/vuln/detail/CVE-2025-48595
https://www.cvedetails.com/cve/CVE-2025-48595/
Published: Wed Jun 3 06:50:23 2026 by llama3.2 3B Q4_K_M
