CISA Urges Feds to Patch Exploited cPanel Vulnerability within 4 Days

Anuj May 27, 2026
www.news4hackers.com-cisa-urges-feds-to-patch-exploited-cpanel-vulnerability-within-4-days-cisa-urges-feds-to-patch-exploited-cpanel-vulnerability-within-4-days
Post Views: 1

Urgent Patch Alert from CISA

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive requiring US federal agencies to patch a critical vulnerability in the LiteSpeed cPanel user-end plugin within the next four days.

What’s at Risk?

  • Remote Execution: Remote attackers can execute arbitrary scripts with root privileges due to an incorrect privilege assignment weakness in the lsws_redisAble function.
  • CVE-2026-48172: Identified as a critical vulnerability affecting LiteSpeed cPanel user-end plugin versions between v2.3 and v2.4.4.

Action Required

LiteSpeed released urgent security updates on Thursday to address the flaw, warning users to update the cPanel user-end plugin (bundled with the WHM plugin) to the latest version. Users are advised to verify their server’s vulnerability using the following command: grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null. If the command yields any output, users should investigate the detected IP addresses, determine their validity, and block them if necessary.

Important Dates

  • May 29th: Deadline for US federal agencies to patch their systems, as mandated by Binding Operational Directive (BOD) 22-01.

Recommendation

CISA urges all defenders, including the private sector, to prioritize CVE-2026-48172 patches and secure their servers as soon as possible. Users should apply the recommended patches according to the vendor’s instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.



About Author

Anuj

See author's posts

More Stories

www.news4hackers.com-what-to-expect-from-rsa-conference-for-security-leaders-by-joseph-blankenship-what-to-expect-from-rsa-conference-for-security-leaders-by-joseph-blankenship

What to Expect from RSA Conference for Security Leaders by Joseph Blankenship

Anuj May 27, 2026
www.news4hackers.com-dutch-police-arrests-suspect-linked-to-high-profile-ajax-football-club-cyber-hack-dutch-police-arrests-suspect-linked-to-high-profile-ajax-football-club-cyber-hack

Dutch Police Arrests Suspect Linked to High-Profile Ajax Football Club Cyber Hack

Anuj May 27, 2026
www.news4hackers.com-zero-trust-file-access-controls-integrated-into-jetico-s-bestcrypt-data-shelter-zero-trust-file-access-controls-integrated-into-jetico-s-bestcrypt-data-shelter

Zero-Trust File Access Controls Integrated into Jetico’s BestCrypt Data Shelter

Anuj May 27, 2026

Latest Cyber Security News

www.news4hackers.com-cisa-urges-feds-to-patch-exploited-cpanel-vulnerability-within-4-days-cisa-urges-feds-to-patch-exploited-cpanel-vulnerability-within-4-days

CISA Urges Feds to Patch Exploited cPanel Vulnerability within 4 Days

Anuj May 27, 2026
www.news4hackers.com-glassworm-botnet-takedown-glassworm-botnet-takedown

GlassWorm Botnet Takedown

Anuj May 27, 2026
www.news4hackers.com-ai-security-threats-symjack-exploits-code-for-supply-chain-attacks-ai-security-threats-symjack-exploits-code-for-supply-chain-attacks

AI Security Threats: ‘SymJack’ Exploits Code for Supply Chain Attacks

Anuj May 27, 2026
www.news4hackers.com-protecting-against-stolen-credentials-the-modern-cybersecurity-threat-protecting-against-stolen-credentials-the-modern-cybersecurity-threat

Protecting Against Stolen Credentials: The Modern Cybersecurity Threat

Anuj May 27, 2026
www.news4hackers.com-thane-share-trading-scandal-2-crore-cyber-fraud-uncovered-one-person-arrested-thane-share-trading-scandal-2-crore-cyber-fraud-uncovered-one-person-arrested

Thane Share Trading Scandal: ₹2 Crore Cyber Fraud Uncovered, One Person Arrested

Anuj May 27, 2026
en_USEnglish
en_USEnglish