CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal businesses should patch the issues by September 15, 2025.
The US authorities’s Cybersecurity and Infrastructure Safety Company (CISA) has added three new vulnerabilities to its listing of flaws which are actively being exploited by hackers, warning federal businesses to patch them instantly. The pressing alert, issued on August 25, 2025, covers two vulnerabilities in Citrix Session Recording and a significant flaw in Git, the favored code administration system.
These vulnerabilities have been added to the Identified Exploited Vulnerabilities (KEV) Catalogue, a public listing of safety points which are confirmed to be beneath assault. Whereas the mandate to repair these vulnerabilities applies on to federal authorities businesses, CISA strongly urges all non-public organisations to deal with these as a prime precedence for remediation to guard towards cyber threats.
Flaws in Citrix and Git
Two of the newly added vulnerabilities, recognized as CVE-2024-8068 and CVE-2024-8069, have an effect on Citrix Session Recording. Each of those flaws have a CVSS rating of 5.1, which is taken into account a medium-severity ranking.
Reportedly, these flaws might permit an attacker who’s already inside a community to take over a system and run malicious code. The vulnerabilities can solely be exploited by an authenticated person on the identical community, which means a hacker must have a foothold contained in the system first. Citrix launched safety patches for each of those points again in November 2024.
The third vulnerability, CVE-2025-48384, impacts Git, a instrument that thousands and thousands of builders use to handle and share their code. This specific flaw, which was given a excessive severity rating of 8.1, stems from how Git handles sure textual content characters in its configuration information.
An attacker might exploit this by composing a malicious file that, when a person clones a repository, might result in a silent and sudden code execution on their machine. A proof-of-concept for this exploit was launched by Datadog shortly after it was patched by Git in July 2025.
The Name to Motion
To adjust to Binding Operational Directive (BOD) 22-01, all US Federal Civilian Govt Department businesses should repair these vulnerabilities by September 15, 2025. CISA emphasises that each one organisations ought to make it a apply to repeatedly overview the KEV Catalogue and prioritise fixing the issues listed, as they characterize essentially the most rapid and important dangers being exploited within the wild.
In a remark shared with Hackread.com, Gunter Ollmann, CTO of Cobalt, emphasised the significance of this alert for everybody. He defined that even reasonable safety flaws can grow to be extremely harmful when hackers have entry to dependable instruments to use them.
“Organisations ought to deal with the KEV catalogue as a dwelling risk intelligence feed, prioritising remediation of those vulnerabilities as a result of they characterize what attackers are actively exploiting at the moment,” he said.
This highlights that the vulnerabilities on this listing are usually not simply theoretical dangers; they’re the energetic weapons in an attacker’s arsenal proper now.
