Cybersecurity Threats: CISA's Latest Exploited Vulnerabilities

CISA Adds Five Actively Exploited Vulnerabilities to KEV Catalog—What You Need to Know

March 11, 2025

Attackers keep finding new ways to exploit vulnerabilities in widely used software. The Cybersecurity and Infrastructure Security Agency (CISA) recently added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. They affect Advantive VeraCore and Ivanti Endpoint Manager (EPM) and pose serious risks to organizations that have yet to apply security patches. Understanding these vulnerabilities and implementing the necessary mitigations is crucial for maintaining a secure IT infrastructure.


Cybersecurity Threats: The Newly Added Vulnerabilities

CISA’s latest additions to the KEV catalog are the following five vulnerabilities:

Cybersecurity Threats in Advantive VeraCore

CVE-2024-57968 – An unrestricted file upload vulnerability in VeraCore that allows unauthenticated attackers to upload files to unintended folders via upload.aspx. Exploiting this flaw enables threat actors to insert malicious scripts, potentially leading to full system compromise.

CVE-2025-25181 – A SQL injection vulnerability in VeraCore that allows remote attackers to execute arbitrary SQL commands, potentially exfiltrating sensitive data or modifying system configurations.

Exploitation of these VeraCore vulnerabilities has been attributed to XE Group, a likely Vietnamese threat actor. The group has been observed deploying reverse shells and web shells for persistent remote access.

Cybersecurity Threats in Ivanti Endpoint Manager (EPM)

CVE-2024-13159 – An absolute path traversal vulnerability that allows remote, unauthenticated attackers to access and leak sensitive information from affected systems.

CVE-2024-13160 & CVE-2024-13161 – Both are path traversal vulnerabilities that permit unauthorized data access, which attackers could leverage for further attacks.

Although no public reports confirm widespread exploitation of the Ivanti vulnerabilities, Horizon3.ai recently released a proof-of-concept (PoC) exploit. With a PoC available, the high risk of potential attacks cannot be ignored.

Why These Cybersecurity Threats Matter

Attackers actively target vulnerabilities listed in the KEV catalog because these security gaps provide entry points into enterprise systems. Organizations using Advantive VeraCore or Ivanti EPM must therefore act quickly to prevent exploitation. Unpatched systems remain at risk of data theft, ransomware attacks, and other malicious activity that can disrupt business operations and cause significant financial and reputational damage.

How to Mitigate Cybersecurity Threats

CISA has set a deadline of March 31, 2025, for Federal Civilian Executive Branch (FCEB) agencies to apply the necessary patches. However, all organizations using the affected software should follow these security best practices:

  1. Apply Security Patches Immediately – Ensure that all updates provided by Advantive and Ivanti are installed to close the security gaps.
  2. Monitor Network Activity – Use intrusion detection and prevention systems to identify suspicious activity linked to these vulnerabilities.
  3. Limit Unnecessary Access – Reduce the attack surface by restricting access to critical files and databases.
  4. Conduct Security Audits – Regularly assess systems for vulnerabilities and implement security controls to mitigate risks.
  5. Stay Informed – Keep up to date with CISA alerts and cybersecurity bulletins to respond to emerging threats effectively.
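
One way to turn steps 1 and 5 into a repeatable check is to match KEV entries against an asset inventory and rank what is still unpatched by time left before the due date. This is an added example, not code from CISA or from this article; the inventory, host names and the `open_kev_findings` helper are hypothetical, and the catalog excerpt is constructed in the layout of CISA's KEV JSON feed.

```python
import json
from datetime import date

# Constructed excerpt shaped like CISA's KEV JSON feed (a "vulnerabilities"
# list with cveID / vendorProject / product / dueDate keys). The CVE ids,
# products and due date are the ones given in this article.
KEV_EXCERPT = json.dumps({"vulnerabilities": [
    {"cveID": cve, "vendorProject": vendor, "product": product, "dueDate": "2025-03-31"}
    for cve, vendor, product in [
        ("CVE-2024-57968", "Advantive", "VeraCore"),
        ("CVE-2025-25181", "Advantive", "VeraCore"),
        ("CVE-2024-13159", "Ivanti", "Endpoint Manager (EPM)"),
        ("CVE-2024-13160", "Ivanti", "Endpoint Manager (EPM)"),
        ("CVE-2024-13161", "Ivanti", "Endpoint Manager (EPM)"),
    ]]})

# Hypothetical asset inventory; "patched" holds CVEs already remediated per host.
INVENTORY = [
    {"host": "wms-01", "vendor": "Advantive", "product": "VeraCore", "patched": {"CVE-2024-57968"}},
    {"host": "epm-core", "vendor": "Ivanti", "product": "Endpoint Manager", "patched": set()},
    {"host": "mail-01", "vendor": "ExampleCorp", "product": "Mailer", "patched": set()},
]

def open_kev_findings(kev_json, inventory, today):
    """Return unpatched KEV entries per host, most urgent first."""
    findings = []
    for vuln in json.loads(kev_json)["vulnerabilities"]:
        due = date.fromisoformat(vuln["dueDate"])
        for asset in inventory:
            same_vendor = asset["vendor"].casefold() == vuln["vendorProject"].casefold()
            # Substring match: catalog product names can carry suffixes such as "(EPM)".
            same_product = asset["product"].casefold() in vuln["product"].casefold()
            if same_vendor and same_product and vuln["cveID"] not in asset["patched"]:
                findings.append({"host": asset["host"], "cve": vuln["cveID"],
                                 "days_left": (due - today).days})
    # Negative days_left means the due date has passed, so overdue items sort first.
    return sorted(findings, key=lambda f: (f["days_left"], f["host"], f["cve"]))

if __name__ == "__main__":
    for f in open_kev_findings(KEV_EXCERPT, INVENTORY, date(2025, 3, 11)):
        status = "OVERDUE" if f["days_left"] < 0 else f"{f['days_left']} days left"
        print(f"{f['host']:10} {f['cve']:16} {status}")
```

In practice the excerpt would be replaced by the full catalog file downloaded from CISA and the inventory by an export from the organization's asset or patch-management system.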

Conclusion

In summary, the addition of these five vulnerabilities to the KEV catalog underscores the urgency of proactive security measures. Organizations must take immediate action to patch affected systems and implement robust security protocols to protect against evolving threats. By staying informed and applying best practices, businesses can minimize risks and strengthen their defenses against cyberattacks.
