Critical Cisco, Kentico, and Zimbra Vulnerabilities Exposed for Organizations


Federal Agencies Urged to Patch High-Risk Vulnerabilities

The United States Cybersecurity Agency (CISA) recently updated its Known Exploited Vulnerabilities (KEV) catalog to include several high-risk flaws that have been exploited in attacks.

Affected Software Applications

The recent KEV catalog update highlights several vulnerabilities that have been exploited in attacks, including:

  • Cisco Catalyst SD-WAN Manager (CVE-2026-20133)
  • Kentico Xperience (CVE-2025-2749)
  • Zimbra Classic UI (CVE-2025-48700)
  • Quest KACE (CVE-2025-32975)
  • JetBrains TeamCity (CVE-2024-27199)
  • PaperCut (CVE-2023-27351)

According to CISA, the newly added vulnerabilities affect popular software applications used by numerous organizations worldwide, including products from Cisco, Kentico, and Zimbra.

CISA is urging federal agencies to patch the Cisco and Zimbra vulnerabilities by April 23, and the other four issues by May 4. Failure to address these vulnerabilities can lead to serious consequences, including unauthorized access to sensitive data, disruption of services, and reputational damage.

Action Required

Organizations are advised to review their systems and apply the necessary patches to prevent exploitation. It is essential to prioritize vulnerability remediation and to address all known flaws promptly in order to maintain the integrity and confidentiality of organizational data.


