{"id":3797,"date":"2025-05-04T19:25:49","date_gmt":"2025-05-04T19:25:49","guid":{"rendered":"https:\/\/securitybriefing.net\/?p=3797"},"modified":"2025-05-04T19:25:53","modified_gmt":"2025-05-04T19:25:53","slug":"cisa-aggiunge-due-vulnerabilita-ad-alto-rischio-al-catalogo-sfruttato-cosa-dovrebbero-fare-ora-i-team-di-sicurezza","status":"publish","type":"post","link":"https:\/\/securitybriefing.net\/it\/notizie\/cisa-aggiunge-due-vulnerabilita-ad-alto-rischio-al-catalogo-sfruttato-cosa-dovrebbero-fare-ora-i-team-di-sicurezza\/","title":{"rendered":"CISA aggiunge due vulnerabilit\u00e0 ad alto rischio al catalogo degli exploit: cosa devono fare ora i team di sicurezza"},"content":{"rendered":"<p>L'Agenzia per la Sicurezza Informatica e delle Infrastrutture (CISA) ha nuovamente aggiornato il suo <a class=\"\" href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">Catalogo delle Vulnerabilit\u00e0 Sfruttate Note (KEV)<\/a>\u2014una fonte critica di informazioni sia per i difensori federali che per quelli del settore privato. Il 2 maggio 2025, sono state aggiunte due vulnerabilit\u00e0 verificate come sfruttate in natura:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-34028\">CVE-2025-34028 \u2013 Vulnerabilit\u00e0 di Traversata del Percorso nel Commvault Command Center<\/a><\/li>\n\n\n\n<li><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-58136\">CVE-2024-58136 \u2013 Vulnerabilit\u00e0 del Percorso Alternativo in YiiFramework: Protezione Inadeguata<\/a><\/li>\n<\/ul>\n\n\n\n<p>Queste espansioni evidenziano la necessit\u00e0 per le organizzazioni di tutti i settori di rimanere vigili e proattive nella gestione delle vulnerabilit\u00e0 anche quando non sono sotto requisiti federali attivi.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"why-these-cves-matter\"><strong>Perch\u00e9 Queste CVE Sono Importanti<\/strong><\/h2>\n\n\n<p><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-34028\">CVE-2025-34028<\/a> nel Commvault Command Center \u00e8 una vulnerabilit\u00e0 di traversata del percorso che consente agli attaccanti di leggere directory non autorizzate o eseguire codice al di fuori delle strutture di file previste. La vulnerabilit\u00e0 \u00e8 particolarmente preoccupante data la natura sensibile dei sistemi di backup e protezione dei dati, che sono un obiettivo preferito degli attaccanti ransomware e degli attaccanti statali.<\/p>\n\n\n\n<p><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-58136\">CVE-2024-58136<\/a> impatta il Yii PHP Framework comunemente utilizzato nelle applicazioni web. \u00c8 il risultato di una protezione inadeguata dei percorsi alternativi, che pu\u00f2 permettere agli attaccanti di bypassare i controlli di accesso progettati per esso. Il suo sfruttamento pu\u00f2 portare a un uso non autorizzato di funzionalit\u00e0 o dati sensibili, ponendo quindi un rischio significativo per gli sviluppatori e gli amministratori di piattaforme.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"the-role-of-bod-2201\"><strong>Il Ruolo di BOD 22-01<\/strong><\/h2>\n\n\n<p>Le agenzie del Ramo Esecutivo Civile Federale (FCEB) soggette a <a class=\"\" href=\"https:\/\/www.cisa.gov\/news-events\/directives\/bod-22-01-reducing-significant-risk-known-exploited-vulnerabilities\">Direttiva Operativa Vincolante 22-01<\/a> devono sanare le vulnerabilit\u00e0 elencate nel KEV entro i tempi prescritti. La direttiva impone una risposta strutturata e prioritaria alle CVE attivamente sfruttate a favore di posizioni di sicurezza pi\u00f9 robuste nelle reti governative.<br>Mentre la direttiva \u00e8 rivolta alle agenzie federali, CISA suggerisce fortemente che tutte le organizzazioni\u2014aziende private, fornitori di infrastrutture critiche e fornitori di SaaS\u2014utilizzino il catalogo KEV come una lista di sanificazione urgente.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"expert-advice-for-security-teams\"><strong>Consigli degli Esperti per i Team di Sicurezza<\/strong><\/h2>\n\n\n<p>Al Security Briefing, esortiamo un'azione immediata per gli amministratori che supervisionano le installazioni di Commvault o Yii:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Controllare ogni installazione del Commvault Command Center e delle applicazioni web basate su Yii.<\/li>\n\n\n\n<li>Applicare patch o mitigazioni il prima possibile. Un ritardo prolungato nell'applicazione delle patch per le vulnerabilit\u00e0 sfruttate pubblicamente pu\u00f2 portare a compromissioni dirette.<\/li>\n\n\n\n<li>Applicare controlli di accesso ai file e firewall per applicazioni web (WAF) per identificare e prevenire tentativi di traversata del percorso o accesso a percorsi alternativi.<\/li>\n\n\n\n<li>Track CISA\u2019s KEV Catalog on a weekly basis\u2014incorporate into automated vulnerability scanning and remediation processes.<\/li>\n\n\n\n<li>Controllare i log di accesso e condurre ricerche di minacce per qualsiasi segno di sfruttamento precedente, in particolare nei sistemi esposti esternamente.<\/li>\n<\/ul>\n\n\n\n<p><strong>Pensiero Finale:<\/strong> CISA\u2019s continuous updates to the KEV catalog represent a vital warning system. Not responding to these warnings is the same as keeping known entry points open for cybercriminals, who are actively taking advantage of them. Regardless of whether you belong to the private or public sector, handle each KEV addition with the highest priority. Proactive vulnerability management is no longer a choice\u2014it\u2019s a necessity to securing the modern enterprise.<\/p>","protected":false},"excerpt":{"rendered":"<p>L'Agenzia per la sicurezza informatica e delle infrastrutture (CISA) ha nuovamente aggiornato il suo catalogo delle vulnerabilit\u00e0 note sfruttate (KEV), una fonte critica di informazioni sia per i difensori federali che per quelli del settore privato. Il 2 maggio 2025,\u2026 <a class=\"more-link\" href=\"https:\/\/securitybriefing.net\/it\/notizie\/cisa-aggiunge-due-vulnerabilita-ad-alto-rischio-al-catalogo-sfruttato-cosa-dovrebbero-fare-ora-i-team-di-sicurezza\/\">Continue reading <span class=\"screen-reader-text\">CISA aggiunge due vulnerabilit\u00e0 ad alto rischio al catalogo degli exploit: cosa devono fare ora i team di sicurezza<\/span><\/a><\/p>","protected":false},"author":3,"featured_media":3798,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23],"tags":[],"class_list":["post-3797","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securitybriefing.net\/it\/notizie\/cisa-aggiunge-due-vulnerabilita-ad-alto-rischio-al-catalogo-sfruttato-cosa-dovrebbero-fare-ora-i-team-di-sicurezza\/\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing\" \/>\n<meta property=\"og:description\" content=\"The Cybersecurity and Infrastructure Security Agency (CISA) again refreshed its Known Exploited Vulnerabilities Catalog (KEV)\u2014a critical source of information for both federal and private sector defenders. On May 2, 2025,&hellip; Continua a leggere CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securitybriefing.net\/it\/notizie\/cisa-aggiunge-due-vulnerabilita-ad-alto-rischio-al-catalogo-sfruttato-cosa-dovrebbero-fare-ora-i-team-di-sicurezza\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Briefing\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-04T19:25:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-04T19:25:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"966\" \/>\n\t<meta property=\"og:image:height\" content=\"425\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"C\u00e9sar Daniel Barreto\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"C\u00e9sar Daniel Barreto\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\"},\"author\":{\"name\":\"C\u00e9sar Daniel Barreto\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c\"},\"headline\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now\",\"datePublished\":\"2025-05-04T19:25:49+00:00\",\"dateModified\":\"2025-05-04T19:25:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\"},\"wordCount\":464,\"publisher\":{\"@id\":\"https:\/\/securitybriefing.net\/#organization\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"articleSection\":[\"News\"],\"inLanguage\":\"it-IT\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\",\"url\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\",\"name\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing\",\"isPartOf\":{\"@id\":\"https:\/\/securitybriefing.net\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"datePublished\":\"2025-05-04T19:25:49+00:00\",\"dateModified\":\"2025-05-04T19:25:53+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\",\"url\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"contentUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"width\":966,\"height\":425,\"caption\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securitybriefing.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securitybriefing.net\/#website\",\"url\":\"https:\/\/securitybriefing.net\/\",\"name\":\"Security Briefing\",\"description\":\"Read cybersecurity news, online safety guides, cyber threat updates, and use free security tools from Security Briefing.\",\"publisher\":{\"@id\":\"https:\/\/securitybriefing.net\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securitybriefing.net\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/securitybriefing.net\/#organization\",\"name\":\"Security Briefing\",\"url\":\"https:\/\/securitybriefing.net\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png\",\"contentUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png\",\"width\":256,\"height\":70,\"caption\":\"Security Briefing\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c\",\"name\":\"C\u00e9sar Daniel Barreto\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g\",\"caption\":\"C\u00e9sar Daniel Barreto\"},\"description\":\"C\u00e9sar Daniel Barreto is an esteemed cybersecurity writer and expert, known for his in-depth knowledge and ability to simplify complex cyber security topics. With extensive experience in network security and data protection, he regularly contributes insightful articles and analysis on the latest cybersecurity trends, educating both professionals and the public.\",\"url\":\"https:\/\/securitybriefing.net\/it\/author\/cesarbarreto\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CISA Aggiunge Due Vulnerabilit\u00e0 ad Alto Rischio al Catalogo Sfruttato: Cosa Dovrebbero Fare Ora i Team di Sicurezza | Briefing sulla Sicurezza","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securitybriefing.net\/it\/notizie\/cisa-aggiunge-due-vulnerabilita-ad-alto-rischio-al-catalogo-sfruttato-cosa-dovrebbero-fare-ora-i-team-di-sicurezza\/","og_locale":"it_IT","og_type":"article","og_title":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing","og_description":"The Cybersecurity and Infrastructure Security Agency (CISA) again refreshed its Known Exploited Vulnerabilities Catalog (KEV)\u2014a critical source of information for both federal and private sector defenders. On May 2, 2025,&hellip; Continua a leggere CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now","og_url":"https:\/\/securitybriefing.net\/it\/notizie\/cisa-aggiunge-due-vulnerabilita-ad-alto-rischio-al-catalogo-sfruttato-cosa-dovrebbero-fare-ora-i-team-di-sicurezza\/","og_site_name":"Security Briefing","article_published_time":"2025-05-04T19:25:49+00:00","article_modified_time":"2025-05-04T19:25:53+00:00","og_image":[{"width":966,"height":425,"url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","type":"image\/jpeg"}],"author":"C\u00e9sar Daniel Barreto","twitter_card":"summary_large_image","twitter_misc":{"Scritto da":"C\u00e9sar Daniel Barreto","Tempo di lettura stimato":"3 minuti"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#article","isPartOf":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/"},"author":{"name":"C\u00e9sar Daniel Barreto","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c"},"headline":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now","datePublished":"2025-05-04T19:25:49+00:00","dateModified":"2025-05-04T19:25:53+00:00","mainEntityOfPage":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/"},"wordCount":464,"publisher":{"@id":"https:\/\/securitybriefing.net\/#organization"},"image":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage"},"thumbnailUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","articleSection":["News"],"inLanguage":"it-IT"},{"@type":"WebPage","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/","url":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/","name":"CISA Aggiunge Due Vulnerabilit\u00e0 ad Alto Rischio al Catalogo Sfruttato: Cosa Dovrebbero Fare Ora i Team di Sicurezza | Briefing sulla Sicurezza","isPartOf":{"@id":"https:\/\/securitybriefing.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage"},"image":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage"},"thumbnailUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","datePublished":"2025-05-04T19:25:49+00:00","dateModified":"2025-05-04T19:25:53+00:00","breadcrumb":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/"]}]},{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage","url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","contentUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","width":966,"height":425,"caption":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog"},{"@type":"BreadcrumbList","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securitybriefing.net\/"},{"@type":"ListItem","position":2,"name":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now"}]},{"@type":"WebSite","@id":"https:\/\/securitybriefing.net\/#website","url":"https:\/\/securitybriefing.net\/","name":"Briefing sulla sicurezza","description":"Read cybersecurity news, online safety guides, cyber threat updates, and use free security tools from Security Briefing.","publisher":{"@id":"https:\/\/securitybriefing.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securitybriefing.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Organization","@id":"https:\/\/securitybriefing.net\/#organization","name":"Briefing sulla sicurezza","url":"https:\/\/securitybriefing.net\/","logo":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/","url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png","contentUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png","width":256,"height":70,"caption":"Security Briefing"},"image":{"@id":"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c","name":"Cesare Daniele Barreto","image":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g","caption":"C\u00e9sar Daniel Barreto"},"description":"C\u00e9sar Daniel Barreto \u00e8 uno stimato scrittore ed esperto di cybersecurity, noto per la sua conoscenza approfondita e la capacit\u00e0 di semplificare argomenti complessi di sicurezza informatica. Con una vasta esperienza nel campo della sicurezza di rete e della protezione dei dati, contribuisce regolarmente con articoli e analisi approfondite sulle ultime tendenze della cybersecurity, educando sia i professionisti che il pubblico.","url":"https:\/\/securitybriefing.net\/it\/author\/cesarbarreto\/"}]}},"_links":{"self":[{"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/posts\/3797","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/comments?post=3797"}],"version-history":[{"count":0,"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/posts\/3797\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/media\/3798"}],"wp:attachment":[{"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/media?parent=3797"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/categories?post=3797"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securitybriefing.net\/it\/wp-json\/wp\/v2\/tags?post=3797"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}