Overview
- CISA added eight CVEs to its Known Exploited Vulnerabilities catalog on Monday, setting an April 23 deadline for the Cisco SD‑WAN and Zimbra fixes and May 4 for the rest.
- The list includes three flaws in Cisco Catalyst SD‑WAN Manager, which controls large networks: two were confirmed exploited in March, and CISA flags the third as abused although Cisco has not confirmed it.
- Other entries cover PaperCut, TeamCity, Kentico Xperience, Quest KACE, and Zimbra bugs that attackers have used to bypass logins, traverse file paths, hijack sessions, and plant malware.
- Under Binding Operational Directive 22‑01, federal agencies must patch or mitigate on schedule, and the KEV catalog also guides private teams on which fixes to prioritize first.
- Because these weaknesses hit management planes and core services like build and email servers, one breach can fan out across thousands of devices or expose credentials, raising supply‑chain and ransomware risk.