CISA’s Newest Headache: Advantive and Ivanti Vulnerabilities Make the Exploited List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog. The XE Group, a Vietnamese cybercrime gang, is exploiting the VeraCore vulnerabilities for remote access. No reports yet on Ivanti EPM attacks, but proof-of-concept code is out there.

3P
Published: March 11, 2025 8:15 amAdded: March 11, 2025 at 1:49 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like CISA is adding more vulnerabilities to its shopping cart, and it’s not even Black Friday yet! With the Advantive VeraCore and Ivanti EPM flaws now on the menu, cybercriminals must be thrilled. It’s like giving them a buffet of exploits to choose from! But fear not, our trusty CISA is on the case, urging a fix faster than you can say “SQL injection!”

Key Points:

  • Advantive VeraCore and Ivanti EPM vulnerabilities added to CISA’s Known Exploited Vulnerabilities catalog.
  • XE Group, a Vietnamese cybercrime group, is exploiting VeraCore vulnerabilities.
  • Public proof-of-concept code exists for Ivanti EPM flaws, but real-world exploitation is yet to be reported.
  • Federal agencies ordered to patch these vulnerabilities by March 31, 2025.
  • Private organizations are advised to review and address vulnerabilities listed in CISA’s catalog.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?