Summary: CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog this weekend. Key targets include Versa Director (critical for SD-WAN management) and the Zimbra Collaboration suite. These flaws are being actively used by state-sponsored actors to gain initial access to government and infrastructure networks.
Business Impact: High. SD-WAN (Versa) and Email (Zimbra) are critical backbone services. If compromised, attackers can intercept all corporate traffic or read every executive communication. This is a direct threat to the integrity of regional infrastructure.
Why It Happened: These are “classic” vulnerabilities—Remote Code Execution (RCE) and Authentication Bypass—that have been weaponized because the patching cycles for management-level infrastructure continue to lag behind active exploitation.
Recommended Executive Action: Patch Versa and Zimbra instances immediately (by the Feb 12 due date). Use this as a trigger to audit your “SD-WAN” security posture, as these management layers are becoming a favorite target for APT groups.
Hashtags: #CISA #KEV #VulnerabilityManagement #SDWAN #Versa #Zimbra #Infosec