Code Defence Cyber security

CISA Adds 3 Flaws to KEV Catalog (WatchGuard, Gladinet, Microsoft)

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation. These include the Windows Kernel zero-day (CVE-2025-62215) from today’s Patch Tuesday, a Gladinet Triofox access control flaw (CVE-2025-12480), and a WatchGuard Firebox RCE flaw (CVE-2025-9242).

Business Impact

These flaws represent immediate, proven risks. The Gladinet flaw allows attackers to access files on cloud storage platforms. The WatchGuard flaw allows for complete firewall takeover. All three are being actively used by attackers to breach networks.

Why It Happened

Attackers prioritize and weaponize vulnerabilities that are internet-facing (like WatchGuard and Gladinet) or provide high-level access (like the Windows Kernel flaw) to maximize their impact and success rate.

Recommended Executive Action

Direct your vulnerability management team to prioritize patching these three CVEs immediately. The KEV catalog is not a suggestion; it is a list of active threats. Federal agencies must patch by December 3, 2025, and all organizations should follow suit.
