CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal businesses should patch the issues by September 15, 2025.
The US authorities’s Cybersecurity and Infrastructure Safety Company (CISA) has added three new vulnerabilities to its listing of flaws which can be actively being exploited by hackers, warning federal businesses to patch them instantly. The pressing alert, issued on August 25, 2025, covers two vulnerabilities in Citrix Session Recording and a serious flaw in Git, the favored code administration system.
These vulnerabilities have been added to the Recognized Exploited Vulnerabilities (KEV) Catalogue, a public listing of safety points which can be confirmed to be below assault. Whereas the mandate to repair these vulnerabilities applies on to federal authorities businesses, CISA strongly urges all non-public organisations to deal with these as a prime precedence for remediation to guard in opposition to cyber threats.
Flaws in Citrix and Git
Two of the newly added vulnerabilities, recognized as CVE-2024-8068 and CVE-2024-8069, have an effect on Citrix Session Recording. Each of those flaws have a CVSS rating of 5.1, which is taken into account a medium-severity score.
Reportedly, these flaws might permit an attacker who’s already inside a community to take over a system and run malicious code. The vulnerabilities can solely be exploited by an authenticated person on the identical community, that means a hacker must have a foothold contained in the system first. Citrix launched safety patches for each of those points again in November 2024.
The third vulnerability, CVE-2025-48384, impacts Git, a instrument that thousands and thousands of builders use to handle and share their code. This explicit flaw, which was given a excessive severity rating of 8.1, stems from how Git handles sure textual content characters in its configuration information.
An attacker might exploit this by composing a malicious file that, when a person clones a repository, might result in a silent and surprising code execution on their machine. A proof-of-concept for this exploit was launched by Datadog shortly after it was patched by Git in July 2025.
The Name to Motion
To adjust to Binding Operational Directive (BOD) 22-01, all US Federal Civilian Government Department businesses should repair these vulnerabilities by September 15, 2025. CISA emphasises that each one organisations ought to make it a observe to often overview the KEV Catalogue and prioritise fixing the issues listed, as they characterize probably the most fast and important dangers being exploited within the wild.
In a remark shared with Hackread.com, Gunter Ollmann, CTO of Cobalt, emphasised the significance of this alert for everybody. He defined that even average safety flaws can turn into extremely harmful when hackers have entry to dependable instruments to use them.
“Organisations ought to deal with the KEV catalogue as a dwelling menace intelligence feed, prioritising remediation of those vulnerabilities as a result of they characterize what attackers are actively exploiting at present,” he said.
This highlights that the vulnerabilities on this listing aren’t simply theoretical dangers; they’re the lively weapons in an attacker’s arsenal proper now.
