CISA Adds Microsoft, ConnectWise Vulnerabilities to Active Exploitation Catalog

CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog

Russia has used one of the flaws, security experts said, while North Korea has used the other.

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below CVE-2024-1708 (CVSS score: 8.4) - A path traversal vulnerability in  ConnectWise ScreenConnect

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Adds Two Known Exploited Vulnerabilities to Catalog bjackson Apr 28, 2026 Release DateApril 28, 2026 DescriptionCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.CVE-2024-1708 ConnectWise ScreenConnect Path Traversal VulnerabilityCVE-2026-32202 Microsoft Windows Protection Mechanism Failure VulnerabilityThese types of vulnerabilities are frequent attack ve…