CISA Reports Active Exploitation of Four Enterprise Software Vulnerabilities

CISA Warns⁤ of active Exploitation of Four​ New Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of four vulnerabilities affecting software from Versa ‍and zimbra, the Vite frontend tooling framework, and the Prettier code formatter. These security ⁢issues have been added to CISA’s Known ​Exploited ‍Vulnerabilities (KEV) catalogue,⁢ signifying evidence of ongoing exploitation⁣ by malicious actors.

One of the ‍identified vulnerabilities⁣ is‍ CVE-2025-31125,⁤ a high-severity improper access control issue in Zimbra disclosed in March 2024. This flaw can lead to the exposure of ​non-allowed files⁤ when the server is directly accessible​ via the ​network. The vulnerability has ‌been addressed in versions 6.2.4, 6.1.3, 6.0.13, 5.4.16, and‌ 4.5.11. it only impacts⁢ exposed progress instances.

CISA also flagged CVE-2025-34026,​ a critical-severity ‍authentication bypass vulnerability within the Versa Concerto SD-WAN orchestration platform, discovered in‌ May 2025. This is ⁤caused by a misconfiguration of the Traefik reverse proxy, granting access to administrative⁣ endpoints, including the internal Actuator endpoint, and exposing sensitive data like heap dumps and trace logs. Concerto ‍versions 12.1.2 through 12.2.0 are affected, with the possibility of additional impacted⁣ versions. Versa‍ confirmed fixes were implemented ⁢on March 7, 2025, after being reported by ProjectDiscovery researchers on February 13, 2025.

Additionally, CISA lists CVE-2025-54313 and CVE-2024-5969. Further​ details regarding these vulnerabilities⁣ were ​not provided in‍ the initial report.