Organizations should use the kev catalog as an input to their vulnerability management prioritization framework.how to use the kev. A list of known exploited vulnerabilities. Learn about the importance of cisa's known exploited vulnerability (kev) catalog and how to use it to help build a collective resilience across the cybersecurity community. Cisa has added one new vulnerability to its known exploited vulnerabilities (kev) catalog, based on evidence of active exploitation. Federal agencies are able to see their open kevs in their continuous diagnostics and mitigation (cdm) dashboard, and commercial partners including palo alto networks , tenable , runecast, qualys , wiz, and rapid7 have. The kev catalog, cpgs, and prni exemplify cisa’s commitment to fostering collaboration across public and private sectors
Cisa has added two new vulnerabilities to its kev catalog, based on evidence of active exploitation. For all instances of ivanti connect secure, policy secure, and zta gateways Cisa has updated this alert to include revised information on vulnerable product identification, potential threat activity detections, and additional resources
OPEN
