CISA Adds One Known Exploited Vulnerability to Catalog

Summary

CISA has added CVE-2008-4128, a Cisco IOS Cross-Site Request Forgery Vulnerability, to its Known Exploited Vulnerabilities (KEV) Catalog due to evidence of active exploitation. This action reinforces the importance of CISA's Binding Operational Directive (BOD) 26-04, which mandates federal agencies prioritize the remediation of vulnerabilities listed in the KEV Catalog on publicly exposed assets.

IFF Assessment

FOE

The addition of an actively exploited vulnerability to the KEV catalog signifies a known risk that malicious actors are currently leveraging, posing a threat to organizations.

Severity

4.3 Medium

CVE-2008-4128 is a Cross-Site Request Forgery vulnerability in Cisco IOS. While the article doesn't provide a specific CVSS score, CSRF vulnerabilities on network devices can allow unauthorized actions with significant impact. An estimated CVSS score of 7.5 reflects a High severity, considering potential for privilege escalation or configuration changes.

CISA KEV: Listed as actively exploited. Federal patch due: July 16, 2026. Known ransomware use: Unknown.

Defender Context

Defenders should prioritize patching or mitigating CVE-2008-4128, especially if using Cisco IOS devices. The inclusion in CISA's KEV catalog indicates active exploitation, making it a critical target. Organizations should regularly monitor the KEV catalog and implement robust vulnerability management processes to proactively address known exploited vulnerabilities.

Read Full Story →