CISA has added multiple critical security flaws to its Known Exploited Vulnerabilities catalog, including threats targeting corporate communication systems.

Critical Vulnerabilities Under Active Exploitation

The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory on May 19, 2025, warning organizations about six newly discovered vulnerabilities that are actively being exploited by threat actors. These vulnerabilities have been added to the agency's Known Exploited Vulnerabilities (KEV) catalog, prompting immediate action from federal agencies and serving as a warning to private sector organizations.

Ivanti Mobile Management Platform at Risk

Two particularly concerning vulnerabilities affect Ivanti’s Endpoint Manager Mobile (EPMM) platform. These flaws, tracked as CVE-2025-4427 and CVE-2025-4428, were disclosed in a security advisory published by Ivanti on May 13. When combined, these vulnerabilities allow attackers to bypass authentication controls and execute malicious code remotely on affected systems.

Corporate Communication Tools Targeted

In a troubling development, Output Messenger, a corporate chat tool developed by Indian company Srimax Software, contains a directory traversal vulnerability (CVE-2025-27920). Microsoft researchers revealed this flaw was being exploited as a zero-day vulnerability in intelligence operations across the Middle East region.

Email Systems Under Attack

Zimbra Collaboration Suite Vulnerability

The Zimbra Collaboration Suite (ZCS) developed by Synacor is affected by a cross-site scripting (XSS) vulnerability tracked as CVE-2024-27443. This security flaw exists in the calendar invitation feature and allows attackers to execute arbitrary JavaScript code when specially crafted emails are opened in the webmail interface.

MDaemon Email Server Flaw

Similarly, MDaemon Technologies’ Email Server contains a cross-site scripting vulnerability (CVE-2024-11182) affecting its webmail component, potentially allowing attackers to compromise email communications.

Physical Access Control System Vulnerable

The advisory also highlighted a path traversal vulnerability (CVE-2023-38950) affecting BioTime, a time and attendance management system from ZKTeco that integrates with biometric authentication devices. This vulnerability has been observed in active attack campaigns.

Recommended Mitigations

Organizations using any of these affected systems should:

  1. Apply vendor-provided patches immediately
  2. Implement network segmentation where possible
  3. Monitor systems for suspicious activity
  4. Review access logs for potential compromise indicators

Timeline for Federal Agency Compliance

Federal agencies must remediate these vulnerabilities within CISA’s specified timeframe. However, given the active exploitation status, all organizations are strongly encouraged to address these vulnerabilities as quickly as possible to prevent potential breaches.
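CISA publishes the KEV catalog as a JSON feed, so the check implied by the mitigation list and the federal deadline above (which of the newly listed entries apply to the products you run, and how long remains before the remediation due date) can be automated. This is an added example, not code from the article or from CISA: the KEV excerpt is a constructed sample in the feed's field layout using the advisory's CVE IDs and products with placeholder due dates and vulnerability names, and the inventory list is hypothetical.

```python
import json
from datetime import date

# Constructed sample in the field layout of CISA's KEV JSON feed. The cveID,
# vendorProject and product values are the ones named in the advisory above;
# vulnerabilityName and dueDate values are placeholders, not the real catalog entries.
SAMPLE_KEV_JSON = """{"vulnerabilities": [
  {"cveID": "CVE-2025-4427", "vendorProject": "Ivanti", "product": "Endpoint Manager Mobile (EPMM)",
   "vulnerabilityName": "Ivanti EPMM Authentication Bypass Vulnerability",
   "dateAdded": "2025-05-19", "dueDate": "2025-06-09", "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-2025-4428", "vendorProject": "Ivanti", "product": "Endpoint Manager Mobile (EPMM)",
   "vulnerabilityName": "Ivanti EPMM Code Injection Vulnerability",
   "dateAdded": "2025-05-19", "dueDate": "2025-06-09", "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-2025-27920", "vendorProject": "Srimax", "product": "Output Messenger",
   "vulnerabilityName": "Srimax Output Messenger Directory Traversal Vulnerability",
   "dateAdded": "2025-05-19", "dueDate": "2025-06-09", "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-2023-38950", "vendorProject": "ZKTeco", "product": "BioTime",
   "vulnerabilityName": "ZKTeco BioTime Path Traversal Vulnerability",
   "dateAdded": "2025-05-19", "dueDate": "2025-06-09", "knownRansomwareCampaignUse": "Unknown"}
]}"""


def kev_entries_for_inventory(kev_json: str, inventory: list[str], today: date) -> list[dict]:
    """Return KEV entries whose vendor/product matches an inventory item, annotated
    with the days left until CISA's remediation due date (negative when overdue).
    Matching is a case-insensitive substring test on "vendorProject product"."""
    catalog = json.loads(kev_json)
    wanted = [item.lower() for item in inventory]
    hits = []
    for entry in catalog["vulnerabilities"]:
        label = f'{entry["vendorProject"]} {entry["product"]}'
        if not any(item in label.lower() for item in wanted):
            continue
        due = date.fromisoformat(entry["dueDate"])
        hits.append({
            "cveID": entry["cveID"],
            "product": label,
            "dueDate": entry["dueDate"],
            "daysRemaining": (due - today).days,
            "overdue": today > due,
        })
    hits.sort(key=lambda h: h["daysRemaining"])  # most urgent first
    return hits


if __name__ == "__main__":
    # Hypothetical inventory: the products this organization runs. Zimbra is listed
    # to show that products absent from the feed excerpt simply produce no hit.
    for hit in kev_entries_for_inventory(SAMPLE_KEV_JSON, ["Output Messenger", "BioTime", "Zimbra"], date(2025, 6, 1)):
        status = "OVERDUE" if hit["overdue"] else f'{hit["daysRemaining"]} days left'
        print(f'{hit["cveID"]}  {hit["product"]}  due {hit["dueDate"]}  ({status})')
```

Against the live feed, replace SAMPLE_KEV_JSON with the downloaded catalog text; the field names are unchanged.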

Author

Editorial Team
The Editorial Team at Security Land is comprised of experienced professionals dedicated to delivering insightful analysis, breaking news, and expert perspectives on the ever-evolving threat landscape.