VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

CISA Adds Actively Exploited ConnectWise & Windows Vulnerabilities to KEV

CISA добавила в KEV активно эксплуатируемые уязвимости ConnectWise и Windows

Colleagues — a cybersecurity alert: CISA added two actively exploited vulnerabilities to KEV.

- CVE‑2024‑1708: path‑traversal in ConnectWise ScreenConnect — potential RCE and data exfiltration (patch: Feb 2024).
- CVE‑2026‑32202: Windows Shell protection bypass — network spoofing (patch: Apr 2026). Microsoft confirmed exploitation; Akamai links it to an incomplete fix for CVE‑2026‑21510.
- Both were chained with other bugs and used in Medusa and related attacks.

Why this matters: active exploitation increases risk of compromise and data encryption.

How will you prioritize patches and verifications?

#cybersecurity #vulnerabilities #patches #infosec

Latest comments

No comments yet.