U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:
- CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability
- CVE-2022-23748 Dante Discovery Process Control Vulnerability
- CVE-2024-21413 Microsoft Outlook Improper Input Validation Vulnerability
- CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
- CVE-2020-15069 Sophos XG Firewall Buffer Overflow Vulnerability
The vulnerability CVE-2024-21413 (CVSS score of 9.8) is a Remote Code Execution flaw in Microsoft Outlook. An attacker can exploit this vulnerability to gain high privileges, which include read, write, and delete functionality.
“Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode,” reads the advisory published by Microsoft.
The vulnerability CVE-2020-15069 (CVSS score of 9.8) is a buffer overflow issue in Sophos XG Firewall 17.x to 17.5 MR12.
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to fix this vulnerability by February 27, 2025.
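As an added example (not from the article, CISA or any of the vendors named), a small Python triage script that reads the KEV feed format, matches it against an asset inventory and reports how many days remain before the BOD 22-01 due date. The feed snippet and inventory are constructed here: the CVE IDs, names and due date come from the article, while the dateAdded value and the asset names are assumptions.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed (only the fields used here).
# CVE IDs, names and dueDate are from the article; dateAdded is an assumed value.
KEV_SAMPLE = json.dumps({
    "vulnerabilities": [
        {"cveID": "CVE-2024-21413", "vendorProject": "Microsoft", "product": "Outlook",
         "vulnerabilityName": "Microsoft Outlook Improper Input Validation Vulnerability",
         "dateAdded": "2025-02-06", "dueDate": "2025-02-27"},
        {"cveID": "CVE-2020-15069", "vendorProject": "Sophos", "product": "XG Firewall",
         "vulnerabilityName": "Sophos XG Firewall Buffer Overflow Vulnerability",
         "dateAdded": "2025-02-06", "dueDate": "2025-02-27"},
        {"cveID": "CVE-2025-0411", "vendorProject": "7-Zip", "product": "7-Zip",
         "vulnerabilityName": "7-Zip Mark of the Web Bypass Vulnerability",
         "dateAdded": "2025-02-06", "dueDate": "2025-02-27"},
    ]
})

# Constructed inventory (e.g. a scanner export): CVE -> hostnames affected by it.
INVENTORY = {
    "CVE-2024-21413": ["ws-finance-01", "ws-hr-07"],
    "CVE-2020-15069": ["fw-branch-02"],
    "CVE-2023-99999": ["srv-test-01"],   # placeholder CVE not in KEV: left out of the report
}

def load_kev(feed_json: str) -> dict:
    """Index KEV entries by CVE ID."""
    return {v["cveID"]: v for v in json.loads(feed_json)["vulnerabilities"]}

def kev_triage(feed_json: str, inventory: dict, today_iso: str) -> list:
    """Return (cve, due_date, days_left, assets) for inventory CVEs present in KEV,
    most urgent first. A negative days_left means the BOD 22-01 due date has passed."""
    kev = load_kev(feed_json)
    today = date.fromisoformat(today_iso)
    rows = []
    for cve, assets in inventory.items():
        entry = kev.get(cve)
        if entry is None:
            continue
        due = date.fromisoformat(entry["dueDate"])
        rows.append((cve, due.isoformat(), (due - today).days, sorted(assets)))
    return sorted(rows, key=lambda r: (r[2], r[0]))

if __name__ == "__main__":
    for cve, due, days, assets in kev_triage(KEV_SAMPLE, INVENTORY, "2025-02-20"):
        print(f"{cve} due {due} ({days:+d} days) on {', '.join(assets)}")
```

Pointing `load_kev` at the live feed instead of `KEV_SAMPLE` turns this into a daily check against the real catalog.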