CISA adds four exploited flaws

- The Cybersecurity and Infrastructure Security Agency on April 24 added four newly exploited bugs to its Known Exploited Vulnerabilities catalog, including flaws in Samsung MagicINFO 9 Server, SimpleHelp, and D-Link’s DIR-823X router.
- Two of the four entries are SimpleHelp bugs, CVE-2024-57726 and CVE-2024-57728, both due May 8; CISA says catalog additions follow evidence that attackers are already exploiting them in the wild.
- The update expands a running federal patch list under Binding Operational Directive 22-01, which requires civilian agencies to fix cataloged flaws on deadline. (cisa.gov)

The Cybersecurity and Infrastructure Security Agency added four newly exploited security flaws to its Known Exploited Vulnerabilities catalog on April 24 and set a May 8 remediation deadline for federal civilian agencies. (cisa.gov) The new entries are CVE-2024-7399 in Samsung MagicINFO 9 Server, CVE-2024-57726 and CVE-2024-57728 in SimpleHelp, and CVE-2025-29635 in the D-Link DIR-823X router. (cisa.gov)

CISA’s catalog page says the Samsung flaw is a path traversal bug that can let an attacker write arbitrary files with system authority, while the D-Link flaw is a command injection bug reachable through a POST request to `/goform/set_prohibiting`. (cisa.gov) The two SimpleHelp entries cover a missing authorization bug and a path traversal bug. CISA says one can let low-privileged technicians create over-privileged API keys, and the other can let an admin user upload files that lead to code execution on the host. (cisa.gov)

The Known Exploited Vulnerabilities catalog is CISA’s running list of software and hardware bugs that attackers are already using against real targets. Under Binding Operational Directive 22-01, Federal Civilian Executive Branch agencies must fix listed flaws by CISA’s due date. (cisa.gov) CISA says it adds vulnerabilities to the catalog based on reliable evidence that a threat actor is actively exploiting them against public or private organizations. The directive applies across federal information systems, including systems hosted by third parties on an agency’s behalf. (cisa.gov)

SimpleHelp had already appeared in the catalog on February 13, 2025, when CISA added CVE-2024-57727, another path traversal flaw in the same remote support product. Friday’s update adds two more SimpleHelp bugs from the same January 2025 disclosure set. (cisa.gov) (guides.simple-help.com) SimpleHelp said versions 5.5.7 and earlier were affected by CVE-2024-57726, CVE-2024-57727, and CVE-2024-57728, and released fixes in version 5.5.8 on January 10, 2025. The company said at the time that it recommended upgrading “as soon as possible.” (guides.simple-help.com) (community.simple-help.com)

For federal agencies, the practical effect is simple: four more exploited bugs now move onto the short list for urgent patching, with May 8, 2026 as the deadline CISA attached to all four entries. (cisa.gov)
