CISA Adds One Known Exploited Vulnerability to Catalog
Summary
CISA has added CVE-2025-47813, an information disclosure vulnerability in Wing FTP Server, to its Known Exploited Vulnerabilities (KEV) Catalog. This addition is based on evidence of active exploitation, and Federal Civilian Executive Branch (FCEB) agencies are mandated to remediate it due to significant risk.
IFF Assessment
The inclusion of a vulnerability in CISA's KEV catalog signifies it is actively exploited, posing a direct threat to organizations and requiring immediate attention from defenders.
Severity
Defender Context
This alert highlights the importance of actively monitoring CISA's KEV catalog for vulnerabilities that are actively being exploited in the wild. Defenders should prioritize patching or mitigating CVE-2025-47813 on any Wing FTP Server instances to prevent potential compromise.