Tag

Cisa Kev

All articles tagged with #cisa kev

cyber-security-news1 month ago•54 min saved

Active Fortinet SQL Flaw Targets FortiClient EMS, CISA Warns

CISA added CVE-2026-21643, a critical unauthenticated SQL injection in Fortinet FortiClient EMS, to the Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. The flaw enables remote code execution without authentication, risking full database compromise on affected FortiClient EMS deployments. Fortinet has released patches; federal agencies must patch by April 16, 2026, and private-sector admins are urged to patch within three days, monitor for unusual HTTP requests targeting EMS, and take the server offline if patching isn’t possible.

via CyberSecurityNews|

#cisa-kev #cve-2026-21643 #cyber-security-news

security3 months ago•5 min saved

BeyondTrust CVE-2026-1731 exploited in the wild; urgent patching and KEV updates

Threat actors are actively exploiting BeyondTrust CVE-2026-1731 (CVSS 9.9) in the wild by abusing get_portal_info to harvest the x-ns-company value before WebSocket setup, enabling unauthenticated remote code execution; BeyondTrust notes PRA v25.1+ do not require patching, while RS requires the BT26-02-RS patch (v21.3–25.3.1) and PRA patch (BT26-02-PRA, v22.1–24.X); watchTowr, GreyNoise/Defused Cyber, and Arctic Wolf report rapid activity and persistence attempts using SimpleHelp and PSexec; CISA added CVE-2026-1731 to KEV with federal patch deadlines by Feb 16, 2026, and KEV also lists other flaws (CVE-2026-20700, CVE-2025-15556, CVE-2025-40536, CVE-2024-43468).

via The Hacker News|

#beyondtrust #cisa-kev #cve-2026-1731