CISA’s Hall of Shame: New Tech Flaws Join the Vulnerability Catalog Roster

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added ASUS RT-AX55 devices, Craft CMS, and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog. Apparently, these vulnerabilities are throwing a party and everyone is invited—especially if you’re a hacker looking for a backdoor.

3P
Published: June 3, 2025 8:41 pmAdded: June 3, 2025 at 1:56 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

It seems like ASUS, Craft CMS, and ConnectWise ScreenConnect are practicing their vulnerability dance moves on the cybersecurity stage. Meanwhile, CISA is adding these exploits to its catalog like a bouncer with a clipboard, preventing uninvited intruders from crashing the security party. Time to suit up or shut down!

Key Points:

  • CISA adds vulnerabilities in ASUS, Craft CMS, and ConnectWise ScreenConnect to Known Exploited Vulnerabilities (KEV) catalog.
  • ASUS routers hit by improper authentication and OS command injection vulnerabilities.
  • Craft CMS suffers from code injection and external control vulnerabilities.
  • ConnectWise ScreenConnect grapples with improper authentication issues, possibly linked to a nation-state attack.
  • Federal agencies mandated to address these vulnerabilities by June 23, 2025.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?