CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation. The flaws are CVE-2025-41244 (a VMware privilege escalation vulnerability) and CVE-2025-24893 (an XWiki Platform injection vulnerability).
Business Impact
The VMware flaw in Aria Operations & Tools allows attackers to escalate privileges, potentially leading to hypervisor-level compromise. The XWiki flaw allows for remote attacks, putting corporate wikis and the sensitive information they contain at risk of data theft or manipulation.
Why It Happened
Attackers have successfully developed and are actively using exploits for these vulnerabilities, targeting organizations that have not yet applied the necessary security updates. Both represent significant vectors for network compromise.
Recommended Executive Action
Mandate that vulnerability management teams prioritize patching CVE-2025-41244 and CVE-2025-24893 immediately, per CISA’s directive. This is especially critical for any internet-facing XWiki instances or multi-tenant VMware environments.
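One way a vulnerability management team can operationalize this directive is to cross-reference scanner findings against the KEV feed and rank the hits by exposure and remediation due date. The script below is an added example, not part of the original post and not CISA's or any vendor's code. The KEV excerpt, asset inventory, hostnames, due dates and the unrelated placeholder entry are all constructed for illustration; only the field names (cveID, vendorProject, product, dueDate, requiredAction, ...) follow the schema of CISA's published known_exploited_vulnerabilities.json feed.

```python
"""Prioritize KEV-listed findings from an asset inventory (added example).

The KEV excerpt below is CONSTRUCTED: dates, vulnerability names and the
third entry are placeholders, not CISA's real records. In practice the
feed is fetched from CISA and parsed the same way.
"""
import json
from datetime import date

# Constructed KEV excerpt in the shape of CISA's JSON feed (placeholder values).
KEV_JSON = """{
  "vulnerabilities": [
    {"cveID": "CVE-2025-41244", "vendorProject": "VMware",
     "product": "Aria Operations and Tools",
     "vulnerabilityName": "PLACEHOLDER privilege escalation",
     "dateAdded": "2025-11-01", "dueDate": "2025-11-22",
     "requiredAction": "Apply mitigations per vendor instructions.",
     "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2025-24893", "vendorProject": "XWiki",
     "product": "XWiki Platform",
     "vulnerabilityName": "PLACEHOLDER injection",
     "dateAdded": "2025-11-01", "dueDate": "2025-11-22",
     "requiredAction": "Apply mitigations per vendor instructions.",
     "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2099-00001", "vendorProject": "ExampleCo",
     "product": "Example Product",
     "vulnerabilityName": "PLACEHOLDER unrelated entry",
     "dateAdded": "2025-10-01", "dueDate": "2025-10-22",
     "requiredAction": "Apply mitigations per vendor instructions.",
     "knownRansomwareCampaignUse": "Unknown"}
  ]
}"""

# Constructed scanner output: one record per (host, CVE) finding.
# The last host has a CVE that is NOT in the KEV excerpt and must be filtered out.
INVENTORY = [
    {"host": "wiki-01.example.test", "cve": "CVE-2025-24893",
     "internet_facing": True, "multi_tenant": False},
    {"host": "aria-ops.example.test", "cve": "CVE-2025-41244",
     "internet_facing": False, "multi_tenant": True},
    {"host": "lab-vm-07.example.test", "cve": "CVE-2025-41244",
     "internet_facing": False, "multi_tenant": False},
    {"host": "build-07.example.test", "cve": "CVE-2024-99999",
     "internet_facing": False, "multi_tenant": False},
]


def load_kev(raw_json):
    """Index KEV entries by CVE id for O(1) lookup."""
    return {v["cveID"]: v for v in json.loads(raw_json)["vulnerabilities"]}


def exposure_score(finding):
    """Higher means more exposed: internet-facing first, then multi-tenant."""
    if finding.get("internet_facing"):
        return 2
    if finding.get("multi_tenant"):
        return 1
    return 0


def prioritize(inventory, kev, today):
    """Return only KEV-listed findings, most urgent first.

    Sort key: exposure (desc), days until the KEV due date (asc), hostname.
    Findings not on KEV are left to the normal patch SLA, not this fast track.
    """
    hits = []
    for f in inventory:
        entry = kev.get(f["cve"])
        if entry is None:
            continue
        due = date.fromisoformat(entry["dueDate"])
        hits.append({
            "host": f["host"],
            "cve": f["cve"],
            "product": entry["product"],
            "due": entry["dueDate"],
            "days_left": (due - today).days,
            "exposure": exposure_score(f),
            "overdue": due < today,
        })
    hits.sort(key=lambda h: (-h["exposure"], h["days_left"], h["host"]))
    return hits


KEV = load_kev(KEV_JSON)

if __name__ == "__main__":
    for h in prioritize(INVENTORY, KEV, date.today()):
        flag = "OVERDUE" if h["overdue"] else f"{h['days_left']}d left"
        print(f"{h['host']:<24} {h['cve']:<16} {h['product']:<28} due {h['due']} ({flag})")
```

The ranking puts internet-facing XWiki hosts ahead of multi-tenant VMware hosts and both ahead of isolated lab systems, which matches the order of urgency the action item describes; teams that track the real feed should also surface the `requiredAction` text, since CISA occasionally lists mitigations or discontinuation instead of a patch.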
Hashtags: #CISA #KEV #Vulnerability #VMware #XWiki #PatchNow #CVE #CyberSecurity #InfoSec
