CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added CVE-2024-37085, a VMware ESXi Authentication Bypass Vulnerability, to its Known Exploited Vulnerabilities Catalog. This vulnerability poses a high risk to federal agencies and organizations due to its frequent exploitation by cybercriminals. Federal Civilian Executive Branch (FCEB) agencies are required to remediate this vulnerability by the specified due date to protect their networks. CISA recommends that all organizations prioritize timely remediation of vulnerabilities in the Catalog to mitigate cyberattacks. The Catalog is a dynamic list of known Common Vulnerabilities and Exposures (CVEs) that pose significant risk to the federal enterprise. CISA continually updates the Catalog by adding vulnerabilities that meet specific criteria.