CISA Adds Four New Vulnerabilities to Exploited List

CISA added four new CVEs to its exploited vulnerabilities list.

What Actually Happened

The Cybersecurity and Infrastructure Security Agency added four vulnerabilities to its Known Exploited Vulnerabilities catalog. These aren't theoretical threats; they are bugs being actively used in attacks right now.

The four CVEs cover:

  • Microsoft Exchange Server privilege escalation
  • Cisco IOS XE Web UI remote code execution
  • JetBrains TeamCity authentication bypass
  • VMware vCenter Server file upload vulnerability

Why This Matters for Small Teams

You might think: 'I don't have a security team to handle this.' That's exactly why you need to pay attention.

Each of these vulnerabilities has public exploits available. Attackers are scanning the internet for unpatched systems automatically. You don't need to be a target—you just need to be visible and vulnerable.

What You Should Do

Check your inventory. Do you run any of these products? Be honest about what's actually deployed.

Patch immediately. For three of these four bugs, patches have been available for weeks. The only reason they're on CISA's list is that people haven't applied them.

Check for compromise. If you're running Exchange or VMware vCenter and haven't patched, look for indicators of compromise.
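The three steps above can be turned into a repeatable triage, shown here as an added example that is not part of the original article or any CISA tooling. It assumes an inventory you maintain as (host, vendor, product, patched) rows; the catalog excerpt is constructed in the shape of the KEV JSON feed, and the CVE IDs, dates, and host names are placeholders.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed. CVE IDs and dates
# are placeholders: the article names products but lists no identifiers.
KEV_SAMPLE = json.loads("""{"vulnerabilities": [
 {"cveID": "CVE-PLACEHOLDER-1", "vendorProject": "Microsoft",
  "product": "Exchange Server", "dueDate": "2000-01-15"},
 {"cveID": "CVE-PLACEHOLDER-2", "vendorProject": "Cisco",
  "product": "IOS XE Web UI", "dueDate": "2000-01-15"},
 {"cveID": "CVE-PLACEHOLDER-3", "vendorProject": "JetBrains",
  "product": "TeamCity", "dueDate": "2000-01-22"},
 {"cveID": "CVE-PLACEHOLDER-4", "vendorProject": "VMware",
  "product": "vCenter Server", "dueDate": "2000-01-25"}]}""")

# Constructed inventory rows: (host, vendor, product, patched)
INVENTORY = [
    ("mail01", "microsoft", "Exchange  Server", False),
    ("ci01", "JetBrains", "teamcity", True),
    ("vc01", "VMware", "vCenter Server", False),
    ("app01", "Example Corp", "Internal App", False),
]

# Products the article singles out for a compromise check when unpatched.
IOC_REVIEW = {"exchange server", "vcenter server"}

def norm(s):
    """Case- and whitespace-insensitive key for vendor/product names."""
    return " ".join(s.lower().split())

def match_inventory(kev, inventory, today):
    """Return one finding per (host, KEV entry), most urgent first."""
    index = {}
    for v in kev["vulnerabilities"]:
        key = (norm(v["vendorProject"]), norm(v["product"]))
        index.setdefault(key, []).append(v)
    rank = {"overdue": 0, "patch now": 1, "patched": 2}
    findings = []
    for host, vendor, product, patched in inventory:
        for v in index.get((norm(vendor), norm(product)), []):
            due = date.fromisoformat(v["dueDate"])
            status = "patched" if patched else ("overdue" if today > due else "patch now")
            findings.append({
                "host": host, "cve": v["cveID"], "status": status, "due": due,
                "check_ioc": not patched and norm(product) in IOC_REVIEW,
            })
    return sorted(findings, key=lambda f: (rank[f["status"]], f["due"]))

if __name__ == "__main__":
    for f in match_inventory(KEV_SAMPLE, INVENTORY, date(2000, 1, 20)):
        print(f)
```

Matching is by exact vendor and product name after normalization, so inventory rows that use different product strings than the catalog will not match and need a manual pass.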

Source: CISA Known Exploited Vulnerabilities Catalog