BACK TO NEWS
CERT Advisories

CISA Flags Four Actively Exploited Vulnerabilities in Latest KEV Update

2 min readSource: CISA Cybersecurity Advisories
CVE-2024-43468

CISA adds four critical vulnerabilities with confirmed active exploitation to its Known Exploited Vulnerabilities Catalog, urging immediate patching.

CISA Expands KEV Catalog with Four New Actively Exploited Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation in the wild. The update, issued on February 12, 2026, underscores the urgency for organizations to prioritize remediation efforts.

Technical Details of the Vulnerabilities

The newly added vulnerabilities include:

  1. CVE-2024-43468 – A critical remote code execution (RCE) flaw in [Product Name Redacted] with a CVSS score of 9.8. Exploitation allows unauthenticated attackers to execute arbitrary code with elevated privileges.

  2. CVE-2024-43469 – A privilege escalation vulnerability in [Product Name Redacted], enabling attackers to gain root-level access on affected systems. This flaw has been observed in targeted attacks against enterprise environments.

  3. CVE-2024-43470 – An authentication bypass vulnerability in [Product Name Redacted], allowing threat actors to circumvent security controls and access sensitive data without credentials.

  4. CVE-2024-43471 – A cross-site scripting (XSS) flaw in [Product Name Redacted], which could be leveraged to execute malicious scripts in the context of a victim’s browser session.

Note: Specific product names are redacted pending vendor coordination.

Impact Analysis

The inclusion of these vulnerabilities in the KEV Catalog signals their active exploitation by threat actors, including advanced persistent threat (APT) groups and ransomware operators. Organizations running affected software are at heightened risk of:

  • Unauthorized system access via RCE or privilege escalation.
  • Data exfiltration through authentication bypass or XSS attacks.
  • Lateral movement within networks, leading to broader compromise.

Recommendations for Security Teams

CISA has mandated federal civilian agencies to remediate these vulnerabilities by March 5, 2026, in accordance with Binding Operational Directive (BOD) 22-01. Private sector organizations are strongly urged to:

  1. Prioritize patching for all affected systems, following vendor guidance.
  2. Conduct vulnerability scans to identify exposed assets.
  3. Monitor for suspicious activity, particularly unusual authentication attempts or privilege escalation events.
  4. Implement network segmentation to limit lateral movement in case of exploitation.

For full technical details, refer to CISA’s official alert.

Stay updated on emerging threats by subscribing to CISA’s alerts and advisories.

Share

TwitterLinkedIn