MUST READ

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

 | 

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

 | 

SVG files used in hidden malware campaign impersonating Colombian authorities

 | 

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

 | 

$10M reward for Russia's FSB officers accused of hacking US Critical infrastructure

 | 

Severe Hikvision HikCentral product flaws: What You Need to Know

 | 

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

 | 

Google addressed two Android flaws actively exploited in targeted attacks

 | 

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

 | 

Android droppers evolved into versatile tools to spread malware

 | 

Jaguar Land Rover shuts down systems after cyberattack, no evidence of customer data theft

 | 

Cloudflare blocked a record 11.5 Tbps DDoS attack

 | 

Palo Alto Networks disclosed a data breach linked to Salesloft Drift incident

 | 

Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely

 | 

Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

 | 

Crooks exploit Meta malvertising to target Android users with Brokewell

 | 

North Korea’s APT37 deploys RokRAT in new phishing campaign against academics

 | 

Fraudster stole over $1.5 million from city of Baltimore

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 60

 | 

Security Affairs newsletter Round 539 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini May 17, 2025

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities (KEV) catalog.

Below are the descriptions for these flaws:

  • CVE-2024-12987 (CVSS score of 7.3) DrayTek Vigor Routers OS Command Injection Vulnerability – A critical OS command injection flaw in DrayTek Vigor2960 and Vigor300B (v1.5.1.4) via the Web UI allows remote attacks through the session parameter.
  • CVE-2025-4664 (CVSS score of 4.3) Google Chromium Loader Insufficient Policy Enforcement Vulnerability – This week Google released emergency security updates to address a Chrome browser vulnerability, tracked as CVE-2025-4664, that could lead to full account takeover. The security researcher Vsevolod Kokorin (@slonser_) discovered the vulnerability, which stems from an insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113. A remote attacker could trigger the flaw to leak cross-origin data via a crafted HTML page. Google warned of the availability of a public exploit for this high-severity flaw.
  • CVE-2025-42999 (CVSS score of 9.1) SAP NetWeaver Deserialization Vulnerability – SAP NetWeaver Visual Composer has a flaw allowing privileged users to upload malicious content, risking system confidentiality, integrity, and availability.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix the vulnerabilities by June 5, 2025.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, CISA)

CISA information security news IT Information Security Known Exploited Vulnerabilities Catalog Pierluigi Paganini Security Affairs Security News

you might also like

Pierluigi Paganini September 05, 2025
Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation
Read more
Pierluigi Paganini September 05, 2025
U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation

Hacking / September 05, 2025

U.S. CISA adds Sitecore, Android, and Linux flaws to its Known Exploited Vulnerabilities catalog

Breaking News / September 05, 2025

SVG files used in hidden malware campaign impersonating Colombian authorities

Malware / September 05, 2025

France’s CNIL fined Google $379M and Shein $175M for breaching cookie rules

Laws and regulations / September 05, 2025

$10M reward for Russia's FSB officers accused of hacking US Critical infrastructure

Cyber warfare / September 04, 2025