{"id":3797,"date":"2025-05-04T19:25:49","date_gmt":"2025-05-04T19:25:49","guid":{"rendered":"https:\/\/securitybriefing.net\/?p=3797"},"modified":"2025-05-04T19:25:53","modified_gmt":"2025-05-04T19:25:53","slug":"cisa-fugt-zwei-hochriskante-schwachstellen-zum-ausgenutzten-katalog-hinzu-was-sicherheitsteams-jetzt-tun-sollten","status":"publish","type":"post","link":"https:\/\/securitybriefing.net\/de\/nachrichten\/cisa-fugt-zwei-hochriskante-schwachstellen-zum-ausgenutzten-katalog-hinzu-was-sicherheitsteams-jetzt-tun-sollten\/","title":{"rendered":"CISA f\u00fcgt zwei hochriskante Schwachstellen zum ausgenutzten Katalog hinzu: Was Sicherheitsteams jetzt tun sollten"},"content":{"rendered":"<p>Die Cybersecurity and Infrastructure Security Agency (CISA) hat erneut ihren <a class=\"\" href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">Katalog der bekannten ausgenutzten Schwachstellen (KEV) aktualisiert<\/a>\u2014eine kritische Informationsquelle sowohl f\u00fcr Verteidiger im \u00f6ffentlichen als auch im privaten Sektor. Am 2. Mai 2025 wurden zwei Schwachstellen hinzugef\u00fcgt, die als in freier Wildbahn ausgenutzt verifiziert wurden:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-34028\">CVE-2025-34028 \u2013 Commvault Command Center Pfad-Traversal-Schwachstelle<\/a><\/li>\n\n\n\n<li><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-58136\">CVE-2024-58136 \u2013 YiiFramework Alternativer Pfad-Schwachstelle: Unzureichender Schutz<\/a><\/li>\n<\/ul>\n\n\n\n<p>Diese Erweiterungen unterstreichen die Notwendigkeit f\u00fcr Organisationen in allen Sektoren, wachsam und proaktiv im Umgang mit Schwachstellenmanagement zu bleiben, auch wenn sie nicht unter aktiven f\u00f6deralen Anforderungen stehen.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"why-these-cves-matter\"><strong>Warum diese CVEs wichtig sind<\/strong><\/h2>\n\n\n<p><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-34028\">CVE-2025-34028<\/a> im Commvault Command Center ist eine Pfad-Traversal-Schwachstelle, die es Angreifern erm\u00f6glicht, unautorisierte Verzeichnisse zu lesen oder Code au\u00dferhalb der beabsichtigten Dateistrukturen auszuf\u00fchren. Die Schwachstelle ist besonders besorgniserregend angesichts der sensiblen Natur von Backup- und Datenschutzsystemen, die ein bevorzugtes Ziel von Ransomware-Angreifern und staatlichen Angreifern sind.<\/p>\n\n\n\n<p><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-58136\">CVE-2024-58136<\/a> betrifft das Yii PHP Framework, das h\u00e4ufig in Webanwendungen verwendet wird. Es ist das Ergebnis unzureichenden Schutzes alternativer Pfade, die es Angreifern erm\u00f6glichen k\u00f6nnen, Zugriffskontrollen zu umgehen, die daf\u00fcr vorgesehen sind. Seine Ausnutzung kann zu unautorisierter Nutzung sensibler Funktionen oder Daten f\u00fchren und stellt somit ein erhebliches Risiko f\u00fcr Entwickler und Plattformadministratoren dar.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"the-role-of-bod-2201\"><strong>Die Rolle von BOD 22-01<\/strong><\/h2>\n\n\n<p>Bundesbeh\u00f6rden des zivilen Exekutivzweigs (FCEB), die <a class=\"\" href=\"https:\/\/www.cisa.gov\/news-events\/directives\/bod-22-01-reducing-significant-risk-known-exploited-vulnerabilities\">der verbindlichen operativen Richtlinie 22-01 unterliegen,<\/a> m\u00fcssen KEV-gelistete Schwachstellen innerhalb vorgegebener Fristen beheben. Die Richtlinie fordert eine strukturierte, priorisierte Reaktion auf aktiv ausgenutzte CVEs zugunsten robusterer Sicherheitspositionen in Regierungsnetzwerken.<br>W\u00e4hrend die Richtlinie auf Bundesbeh\u00f6rden abzielt, empfiehlt CISA dringend, dass alle Organisationen\u2014private Unternehmen, Anbieter kritischer Infrastrukturen und SaaS-Anbieter\u2014den KEV-Katalog als dringende Liste zur Behebung verwenden.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"expert-advice-for-security-teams\"><strong>Expertenrat f\u00fcr Sicherheitsteams<\/strong><\/h2>\n\n\n<p>Bei Security Briefing dr\u00e4ngen wir auf sofortige Ma\u00dfnahmen f\u00fcr Administratoren, die Commvault- oder Yii-Installationen \u00fcberwachen:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u00dcberpr\u00fcfen Sie jede Installation des Commvault Command Center und von Webanwendungen, die auf Yii basieren.<\/li>\n\n\n\n<li>Patchen oder wenden Sie so schnell wie m\u00f6glich Abhilfema\u00dfnahmen an. Eine verl\u00e4ngerte Verz\u00f6gerung beim Patchen \u00f6ffentlich ausgenutzter Schwachstellen kann zu direktem Kompromittieren f\u00fchren.<\/li>\n\n\n\n<li>Wenden Sie Dateizugriffskontrollen und Web Application Firewalls (WAFs) an, um Pfad-Traversal- oder alternative Pfad-Zugriffsversuche zu identifizieren und zu verhindern.<\/li>\n\n\n\n<li>Verfolgen Sie den KEV-Katalog von CISA w\u00f6chentlich\u2014integrieren Sie ihn in automatisierte Schwachstellenscans und Abhilfema\u00dfnahmen.<\/li>\n\n\n\n<li>\u00dcberpr\u00fcfen Sie Zugriffsprotokolle und f\u00fchren Sie Bedrohungsjagden nach Anzeichen fr\u00fcherer Ausnutzung durch, insbesondere in extern ausgerichteten Systemen.<\/li>\n<\/ul>\n\n\n\n<p><strong>Abschlie\u00dfender Gedanke:<\/strong> Die kontinuierlichen Updates des KEV-Katalogs durch CISA stellen ein wichtiges Warnsystem dar. Nicht auf diese Warnungen zu reagieren, ist dasselbe wie bekannte Einstiegspunkte f\u00fcr Cyberkriminelle offen zu halten, die aktiv davon profitieren. Unabh\u00e4ngig davon, ob Sie dem privaten oder \u00f6ffentlichen Sektor angeh\u00f6ren, behandeln Sie jede KEV-Erg\u00e4nzung mit h\u00f6chster Priorit\u00e4t. Proaktives Schwachstellenmanagement ist keine Wahl mehr\u2014es ist eine Notwendigkeit, um das moderne Unternehmen zu sichern.<\/p>","protected":false},"excerpt":{"rendered":"<p>Die Cybersecurity and Infrastructure Security Agency (CISA) hat erneut ihren Katalog der bekannten ausgenutzten Schwachstellen (KEV) aktualisiert \u2013 eine kritische Informationsquelle sowohl f\u00fcr Verteidiger im \u00f6ffentlichen als auch im privaten Sektor. Am 2. Mai 2025,\u2026 <a class=\"more-link\" href=\"https:\/\/securitybriefing.net\/de\/nachrichten\/cisa-fugt-zwei-hochriskante-schwachstellen-zum-ausgenutzten-katalog-hinzu-was-sicherheitsteams-jetzt-tun-sollten\/\"><span class=\"screen-reader-text\">CISA f\u00fcgt zwei hochriskante Schwachstellen zum ausgenutzten Katalog hinzu: Was Sicherheitsteams jetzt tun sollten<\/span> read more<\/a><\/p>","protected":false},"author":3,"featured_media":3798,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23],"tags":[],"class_list":["post-3797","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securitybriefing.net\/de\/nachrichten\/cisa-fugt-zwei-hochriskante-schwachstellen-zum-ausgenutzten-katalog-hinzu-was-sicherheitsteams-jetzt-tun-sollten\/\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing\" \/>\n<meta property=\"og:description\" content=\"The Cybersecurity and Infrastructure Security Agency (CISA) again refreshed its Known Exploited Vulnerabilities Catalog (KEV)\u2014a critical source of information for both federal and private sector defenders. On May 2, 2025,&hellip; CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now weiterlesen\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securitybriefing.net\/de\/nachrichten\/cisa-fugt-zwei-hochriskante-schwachstellen-zum-ausgenutzten-katalog-hinzu-was-sicherheitsteams-jetzt-tun-sollten\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Briefing\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-04T19:25:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-04T19:25:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"966\" \/>\n\t<meta property=\"og:image:height\" content=\"425\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"C\u00e9sar Daniel Barreto\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Geschrieben von\" \/>\n\t<meta name=\"twitter:data1\" content=\"C\u00e9sar Daniel Barreto\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"3\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\"},\"author\":{\"name\":\"C\u00e9sar Daniel Barreto\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c\"},\"headline\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now\",\"datePublished\":\"2025-05-04T19:25:49+00:00\",\"dateModified\":\"2025-05-04T19:25:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\"},\"wordCount\":464,\"publisher\":{\"@id\":\"https:\/\/securitybriefing.net\/#organization\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"articleSection\":[\"News\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\",\"url\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\",\"name\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing\",\"isPartOf\":{\"@id\":\"https:\/\/securitybriefing.net\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"datePublished\":\"2025-05-04T19:25:49+00:00\",\"dateModified\":\"2025-05-04T19:25:53+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\",\"url\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"contentUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"width\":966,\"height\":425,\"caption\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securitybriefing.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securitybriefing.net\/#website\",\"url\":\"https:\/\/securitybriefing.net\/\",\"name\":\"Security Briefing\",\"description\":\"Read cybersecurity news, online safety guides, cyber threat updates, and use free security tools from Security Briefing.\",\"publisher\":{\"@id\":\"https:\/\/securitybriefing.net\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securitybriefing.net\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/securitybriefing.net\/#organization\",\"name\":\"Security Briefing\",\"url\":\"https:\/\/securitybriefing.net\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png\",\"contentUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png\",\"width\":256,\"height\":70,\"caption\":\"Security Briefing\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c\",\"name\":\"C\u00e9sar Daniel Barreto\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g\",\"caption\":\"C\u00e9sar Daniel Barreto\"},\"description\":\"C\u00e9sar Daniel Barreto is an esteemed cybersecurity writer and expert, known for his in-depth knowledge and ability to simplify complex cyber security topics. With extensive experience in network security and data protection, he regularly contributes insightful articles and analysis on the latest cybersecurity trends, educating both professionals and the public.\",\"url\":\"https:\/\/securitybriefing.net\/de\/author\/cesarbarreto\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CISA f\u00fcgt zwei hochriskante Schwachstellen zum ausgenutzten Katalog hinzu: Was Sicherheitsteams jetzt tun sollten | Security Briefing","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securitybriefing.net\/de\/nachrichten\/cisa-fugt-zwei-hochriskante-schwachstellen-zum-ausgenutzten-katalog-hinzu-was-sicherheitsteams-jetzt-tun-sollten\/","og_locale":"de_DE","og_type":"article","og_title":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing","og_description":"The Cybersecurity and Infrastructure Security Agency (CISA) again refreshed its Known Exploited Vulnerabilities Catalog (KEV)\u2014a critical source of information for both federal and private sector defenders. On May 2, 2025,&hellip; CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now weiterlesen","og_url":"https:\/\/securitybriefing.net\/de\/nachrichten\/cisa-fugt-zwei-hochriskante-schwachstellen-zum-ausgenutzten-katalog-hinzu-was-sicherheitsteams-jetzt-tun-sollten\/","og_site_name":"Security Briefing","article_published_time":"2025-05-04T19:25:49+00:00","article_modified_time":"2025-05-04T19:25:53+00:00","og_image":[{"width":966,"height":425,"url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","type":"image\/jpeg"}],"author":"C\u00e9sar Daniel Barreto","twitter_card":"summary_large_image","twitter_misc":{"Geschrieben von":"C\u00e9sar Daniel Barreto","Gesch\u00e4tzte Lesezeit":"3\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#article","isPartOf":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/"},"author":{"name":"C\u00e9sar Daniel Barreto","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c"},"headline":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now","datePublished":"2025-05-04T19:25:49+00:00","dateModified":"2025-05-04T19:25:53+00:00","mainEntityOfPage":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/"},"wordCount":464,"publisher":{"@id":"https:\/\/securitybriefing.net\/#organization"},"image":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage"},"thumbnailUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","articleSection":["News"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/","url":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/","name":"CISA f\u00fcgt zwei hochriskante Schwachstellen zum ausgenutzten Katalog hinzu: Was Sicherheitsteams jetzt tun sollten | Security Briefing","isPartOf":{"@id":"https:\/\/securitybriefing.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage"},"image":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage"},"thumbnailUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","datePublished":"2025-05-04T19:25:49+00:00","dateModified":"2025-05-04T19:25:53+00:00","breadcrumb":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/"]}]},{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage","url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","contentUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","width":966,"height":425,"caption":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog"},{"@type":"BreadcrumbList","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securitybriefing.net\/"},{"@type":"ListItem","position":2,"name":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now"}]},{"@type":"WebSite","@id":"https:\/\/securitybriefing.net\/#website","url":"https:\/\/securitybriefing.net\/","name":"Sicherheitsbriefing","description":"Read cybersecurity news, online safety guides, cyber threat updates, and use free security tools from Security Briefing.","publisher":{"@id":"https:\/\/securitybriefing.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securitybriefing.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/securitybriefing.net\/#organization","name":"Sicherheitsbriefing","url":"https:\/\/securitybriefing.net\/","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/","url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png","contentUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png","width":256,"height":70,"caption":"Security Briefing"},"image":{"@id":"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c","name":"<\/section>","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g","caption":"C\u00e9sar Daniel Barreto"},"description":"C\u00e9sar Daniel Barreto ist ein gesch\u00e4tzter Cybersecurity-Autor und -Experte, der f\u00fcr sein fundiertes Wissen und seine F\u00e4higkeit bekannt ist, komplexe Cybersicherheitsthemen zu vereinfachen. Mit seiner umfassenden Erfahrung in den Bereichen Netzwerksicherheit und Datenschutz verfasst er regelm\u00e4\u00dfig aufschlussreiche Artikel und Analysen zu den neuesten Trends in der Cybersicherheit und informiert damit sowohl Fachleute als auch die \u00d6ffentlichkeit.","url":"https:\/\/securitybriefing.net\/de\/author\/cesarbarreto\/"}]}},"_links":{"self":[{"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/posts\/3797","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/comments?post=3797"}],"version-history":[{"count":0,"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/posts\/3797\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/media\/3798"}],"wp:attachment":[{"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/media?parent=3797"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/categories?post=3797"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securitybriefing.net\/de\/wp-json\/wp\/v2\/tags?post=3797"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}