CISA Warns of Active Exploitation with Three New Vulnerabilities Added to KEV Catalog 

CISA adds CVE-2025-1316, CVE-2024-48248, and CVE-2017-12637 to its KEV Catalog, warning of active exploitation targeting critical systems and services.

March 20, 2025 · 3 min read

CVE-2025-1316: OS Command Injection Vulnerability in Edimax IC-7100 IP Camera

One of the most concerning of the new additions to CISA's KEV catalog is CVE-2025-1316, which affects the Edimax IC-7100 IP Camera. This vulnerability, identified on March 4, 2025, is an OS Command Injection vulnerability that allows attackers to execute arbitrary commands on the device remotely.

The Edimax IC-7100 does not properly neutralize special characters used in OS commands, leaving it open to exploitation. Malicious actors can craft specific requests that inject OS commands into the camera's operating system, leading to remote code execution and unauthorized access to the device.

The impact of this vulnerability is severe, as it enables attackers to gain control over the device, potentially accessing sensitive video surveillance data or compromising the network. A CVSS v4 score of 9.3 has been assigned to CVE-2025-1316, indicating the critical nature of the flaw.  

CISA strongly recommends that organizations using Edimax IC-7100 IP Cameras take immediate action to mitigate the risk, including network isolation, the use of firewalls, and the deployment of Virtual Private Networks (VPNs) to protect control systems from external threats.
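The defect class described above (CWE-78, improper neutralization of special elements in an OS command) is easiest to understand as a vulnerable pattern next to its hardened form. The following is an added illustration written for this article, not code from the Edimax IC-7100 firmware or from CISA: the "ping a host" handler, the hostname allow-list and the sample input are all constructed assumptions.

```python
import re
import subprocess

# Constructed illustration of CWE-78 (improper neutralization of special
# elements used in an OS command). The "ping a host" handler below is a
# hypothetical embedded-web-UI feature, not code from the Edimax IC-7100.

# Allow-list for a hostname or IPv4 literal. The first character must be
# alphanumeric so a value such as "-f" cannot be parsed by ping as an option
# (argument injection), even when no shell is involved.
HOSTNAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,252}")

# Characters a POSIX shell treats as separators, substitutions or redirections.
SHELL_METACHARACTERS = ";|&`$()<>\n"


def build_command_vulnerable(host: str) -> str:
    """Vulnerable pattern: the untrusted value is concatenated into a string
    that is later handed to a shell (shell=True / system()). Any shell
    metacharacter in `host` is interpreted by the shell, not by ping."""
    return "ping -c 1 " + host


def contains_shell_metacharacters(value: str) -> bool:
    """Detection helper: True if the value contains shell metacharacters.
    Useful for logging and alerting on suspicious request parameters."""
    return any(ch in value for ch in SHELL_METACHARACTERS)


def build_command_hardened(host: str) -> list:
    """Hardened pattern: validate against the allow-list, then return an argv
    list. subprocess.run(argv) with shell=False (the default) executes ping
    directly, so no shell ever parses the input."""
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"rejected host value: {host!r}")
    return ["ping", "-c", "1", host]


def run_ping(host: str) -> int:
    """Runs the hardened command and returns ping's exit status."""
    argv = build_command_hardened(host)
    return subprocess.run(argv, capture_output=True, timeout=10).returncode


if __name__ == "__main__":
    sample = "10.0.0.1; id"  # constructed suspicious input
    print("vulnerable string:", build_command_vulnerable(sample))
    print("metacharacters present:", contains_shell_metacharacters(sample))
    try:
        build_command_hardened(sample)
    except ValueError as exc:
        print("hardened builder:", exc)
    print("hardened argv:", build_command_hardened("10.0.0.1"))
```

The important design choice is that the hardened version does not try to strip or escape bad characters; it rejects anything outside a strict allow-list and then avoids the shell entirely by passing an argument list. The first-character rule in the pattern also closes the separate argument-injection case, where a value beginning with "-" would be read by ping as an option.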

CVE-2024-48248: Absolute Path Traversal Vulnerability in NAKIVO Backup and Replication 

Another serious vulnerability added to CISA's catalog is CVE-2024-48248, an Absolute Path Traversal vulnerability in NAKIVO Backup and Replication. This flaw, which was discovered in March 2025, allows attackers to exploit the application's handling of file paths, enabling them to access unauthorized directories on the system. This vulnerability is a classic case of absolute path traversal, where attackers can manipulate file paths to navigate outside the expected directory structure, potentially reading sensitive files and compromising the system's security.

The flaw affects all versions of NAKIVO Backup and Replication prior to the patch release, and its exploitation can lead to data leakage or loss, exposing critical backup information. CISA emphasizes the importance of applying patches and updating to the latest software versions to prevent potential breaches. Organizations are advised to ensure proper access controls are in place and to regularly audit their systems for vulnerabilities related to path traversal. 

CVE-2017-12637: Directory Traversal Vulnerability in SAP NetWeaver 

The third vulnerability on CISA’s list is CVE-2017-12637, a Directory Traversal Vulnerability found in SAP NetWeaver, a widely used enterprise resource planning (ERP) system. This flaw, which was originally published in August 2017, has resurfaced in the context of ongoing exploitation. The vulnerability allows attackers to access arbitrary files by manipulating file paths in a web application’s query string, a technique known as directory traversal. 

In this case, the SAP NetWeaver Application Server Java 7.5 is vulnerable to exploitation via the UIUtilJavaScriptJS component. By sending specially crafted input that includes .. (dot dot) sequences, attackers can navigate outside the application’s root directory and access sensitive files on the underlying system. Exploiting this flaw can lead to the disclosure of confidential information, and in some cases, the ability to execute further attacks on the system. 
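The two traversal variants in this article, the absolute-path form described for CVE-2024-48248 and the dot-dot form described for CVE-2017-12637, are both caught by the same containment check on a server-side file path. The code below is an added example written for this article, not code from NAKIVO, SAP or CISA; the base directory, the file-serving routine and the request strings are constructed assumptions.

```python
import posixpath
from urllib.parse import unquote

# Constructed example of serving files from a fixed base directory. It is
# generic illustration code, not NAKIVO or SAP NetWeaver code; BASE_DIR is an
# assumed value.
BASE_DIR = "/srv/app/public"


def naive_join(base: str, requested: str) -> str:
    """The defect pattern. posixpath.join discards `base` entirely when the
    second argument is absolute, so a request for "/etc/passwd" yields
    "/etc/passwd" (absolute path traversal, CWE-36). It also keeps ".."
    segments, which climb out of `base` after normalisation (CWE-22)."""
    return posixpath.join(base, requested)


def resolve_under_base(base: str, requested: str) -> str:
    """Returns the normalised absolute path of `requested` inside `base`, or
    raises PermissionError.

    Steps: decode URL escapes first so "%2e%2e" cannot slip past the checks;
    reject absolute inputs outright; normalise lexically (no disk access) and
    verify the result is still inside `base`. The boundary check includes the
    trailing "/" so "/srv/app/public2" is not mistaken for "/srv/app/public".
    Symlinks inside `base` are not covered by a lexical check; resolve with
    os.path.realpath on a real filesystem if that matters.
    """
    decoded = unquote(requested)
    if posixpath.isabs(decoded):
        raise PermissionError(f"absolute path rejected: {requested!r}")
    base_norm = posixpath.normpath(base)
    candidate = posixpath.normpath(posixpath.join(base_norm, decoded))
    if candidate != base_norm and not candidate.startswith(base_norm + "/"):
        raise PermissionError(f"path escapes base directory: {requested!r}")
    return candidate


if __name__ == "__main__":
    # Constructed request strings: one legitimate, three traversal attempts.
    for req in ["images/../logo.png", "/etc/passwd",
                "../../../etc/passwd", "%2e%2e/%2e%2e/etc/passwd"]:
        print(f"naive   {req!r:32} -> {naive_join(BASE_DIR, req)}")
        try:
            print(f"checked {req!r:32} -> {resolve_under_base(BASE_DIR, req)}")
        except PermissionError as exc:
            print(f"checked {req!r:32} -> rejected ({exc})")
```

Two details matter in practice. Decoding happens before validation, because a check that runs on the raw query-string value never sees the ".." that the filesystem layer will see. And the containment test compares against the base directory plus a separator, since a plain prefix comparison accepts sibling directories whose names merely start with the base name.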

CISA urges SAP NetWeaver users to immediately apply security patches to resolve this issue and recommends conducting thorough security reviews to prevent similar vulnerabilities from being overlooked in the future. 

Conclusion  

Addressing vulnerabilities such as CVE-2025-1316, CVE-2024-48248, and CVE-2017-12637 is important for protecting critical infrastructure and sensitive data from exploitation. Organizations must remain proactive in implementing mitigation strategies recommended by CISA, such as updating systems, securing access, and isolating vulnerable devices.  

As the threat landscape evolves, the importance of leveraging advanced cybersecurity solutions cannot be overstated. Cyble, a leader in AI-driven cybersecurity, plays a crucial role in helping organizations stay protected from cyber adversaries. With its cutting-edge threat intelligence platforms, like Cyble Vision, Cyble empowers enterprises, government bodies, and law enforcement agencies to proactively detect and defend against cyber threats. 