{"id":3797,"date":"2025-05-04T19:25:49","date_gmt":"2025-05-04T19:25:49","guid":{"rendered":"https:\/\/securitybriefing.net\/?p=3797"},"modified":"2025-05-04T19:25:53","modified_gmt":"2025-05-04T19:25:53","slug":"cisa-%eb%91%90-%ea%b0%9c%ec%9d%98-%eb%86%92%ec%9d%80-%ec%9c%84%ed%97%98-%ec%b7%a8%ec%95%bd%ec%a0%90%ec%9d%84-%ec%95%85%ec%9a%a9%eb%90%9c-%ec%b9%b4%ed%83%88%eb%a1%9c%ea%b7%b8%ec%97%90-%ec%b6%94","status":"publish","type":"post","link":"https:\/\/securitybriefing.net\/ko\/%eb%89%b4%ec%8a%a4\/cisa-%eb%91%90-%ea%b0%9c%ec%9d%98-%eb%86%92%ec%9d%80-%ec%9c%84%ed%97%98-%ec%b7%a8%ec%95%bd%ec%a0%90%ec%9d%84-%ec%95%85%ec%9a%a9%eb%90%9c-%ec%b9%b4%ed%83%88%eb%a1%9c%ea%b7%b8%ec%97%90-%ec%b6%94\/","title":{"rendered":"CISA, \ub450 \uac1c\uc758 \uace0\uc704\ud5d8 \ucde8\uc57d\uc810\uc744 \uc545\uc6a9 \uce74\ud0c8\ub85c\uadf8\uc5d0 \ucd94\uac00: \ubcf4\uc548 \ud300\uc774 \uc9c0\uae08 \ud574\uc57c \ud560 \uc77c"},"content":{"rendered":"<p>\uc0ac\uc774\ubc84 \ubcf4\uc548 \ubc0f \uc778\ud504\ub77c \ubcf4\uc548\uad6d(CISA)\uc740 \ub2e4\uc2dc \uac31\uc2e0\ud588\uc2b5\ub2c8\ub2e4 <a class=\"\" href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">\uc54c\ub824\uc9c4 \uc545\uc6a9 \ucde8\uc57d\uc810 \uce74\ud0c8\ub85c\uadf8(KEV)<\/a>\u2014 \uc5f0\ubc29 \ubc0f \ubbfc\uac04 \ubd80\ubb38 \ubc29\uc5b4\uc790 \ubaa8\ub450\uc5d0\uac8c \uc911\uc694\ud55c \uc815\ubcf4 \uc18c\uc2a4\uc785\ub2c8\ub2e4. 2025\ub144 5\uc6d4 2\uc77c, \ub450 \uac00\uc9c0 \ucde8\uc57d\uc810\uc774 \ucd94\uac00\ub418\uc5c8\uc73c\uba70 \uc774\ub294 \uc2e4\uc81c\ub85c \uc545\uc6a9\ub41c \uac83\uc73c\ub85c \ud655\uc778\ub418\uc5c8\uc2b5\ub2c8\ub2e4:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-34028\">CVE-2025-34028 \u2013 Commvault \uba85\ub839 \uc13c\ud130 \uacbd\ub85c \ud0d0\uc0c9 \ucde8\uc57d\uc810<\/a><\/li>\n\n\n\n<li><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-58136\">CVE-2024-58136 \u2013 YiiFramework \ub300\uccb4 \uacbd\ub85c \ucde8\uc57d\uc810: \ubd80\uc801\uc808\ud55c \ubcf4\ud638<\/a><\/li>\n<\/ul>\n\n\n\n<p>\uc774\ub7ec\ud55c \ud655\uc7a5\uc740 \ubaa8\ub4e0 \ubd80\ubb38\uc758 \uc870\uc9c1\uc774 \uc5f0\ubc29\uc758 \uc801\uadf9\uc801\uc778 \uc694\uad6c \uc0ac\ud56d\uc774 \uc5c6\ub354\ub77c\ub3c4 \ucde8\uc57d\uc810 \uad00\ub9ac\uc5d0 \uacbd\uacc4\ud558\uace0 \uc801\uadf9\uc801\uc73c\ub85c \ub300\ucc98\ud574\uc57c \ud560 \ud544\uc694\uc131\uc744 \uac15\uc870\ud569\ub2c8\ub2e4.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"why-these-cves-matter\"><strong>\uc774\ub7ec\ud55c CVE\uac00 \uc911\uc694\ud55c \uc774\uc720<\/strong><\/h2>\n\n\n<p><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-34028\">CVE-2025-34028<\/a> Commvault \uba85\ub839 \uc13c\ud130\uc758 \uacbd\ub85c \ud0d0\uc0c9 \ucde8\uc57d\uc810\uc740 \uacf5\uaca9\uc790\uac00 \uc2b9\uc778\ub418\uc9c0 \uc54a\uc740 \ub514\ub809\ud1a0\ub9ac\ub97c \uc77d\uac70\ub098 \uc758\ub3c4\ub41c \ud30c\uc77c \uad6c\uc870 \uc678\ubd80\uc5d0\uc11c \ucf54\ub4dc\ub97c \uc2e4\ud589\ud560 \uc218 \uc788\uac8c \ud569\ub2c8\ub2e4. \uc774 \ucde8\uc57d\uc810\uc740 \ubc31\uc5c5 \ubc0f \ub370\uc774\ud130 \ubcf4\ud638 \uc2dc\uc2a4\ud15c\uc758 \ubbfc\uac10\ud55c \ud2b9\uc131 \ub54c\ubb38\uc5d0 \ud2b9\ud788 \ubb38\uc81c\uac00 \ub418\uba70, \uc774\ub294 \ub79c\uc12c\uc6e8\uc5b4 \uacf5\uaca9\uc790\uc640 \uad6d\uac00 \uacf5\uaca9\uc790\uc758 \uc120\ud638 \ub300\uc0c1\uc785\ub2c8\ub2e4.<\/p>\n\n\n\n<p><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-58136\">CVE-2024-58136<\/a> \uc77c\ubc18\uc801\uc73c\ub85c \uc6f9 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc5d0\uc11c \uc0ac\uc6a9\ub418\ub294 Yii PHP \ud504\ub808\uc784\uc6cc\ud06c\uc5d0 \uc601\ud5a5\uc744 \ubbf8\uce69\ub2c8\ub2e4. \uc774\ub294 \ub300\uccb4 \uacbd\ub85c\uc758 \ubd80\uc801\uc808\ud55c \ubcf4\ud638\ub85c \uc778\ud574 \ubc1c\uc0dd\ud558\uba70, \uacf5\uaca9\uc790\uac00 \uc774\ub97c \uc704\ud574 \uc124\uacc4\ub41c \uc811\uadfc \uc81c\uc5b4\ub97c \uc6b0\ud68c\ud560 \uc218 \uc788\uac8c \ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc774 \ucde8\uc57d\uc810\uc758 \uc545\uc6a9\uc740 \ubbfc\uac10\ud55c \uae30\ub2a5\uc774\ub098 \ub370\uc774\ud130\uc758 \ubb34\ub2e8 \uc0ac\uc6a9\uc73c\ub85c \uc774\uc5b4\uc9c8 \uc218 \uc788\uc5b4 \uac1c\ubc1c\uc790\uc640 \ud50c\ub7ab\ud3fc \uad00\ub9ac\uc790\uc5d0\uac8c \uc0c1\ub2f9\ud55c \uc704\ud5d8\uc744 \ucd08\ub798\ud569\ub2c8\ub2e4.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"the-role-of-bod-2201\"><strong>BOD 22-01\uc758 \uc5ed\ud560<\/strong><\/h2>\n\n\n<p>\uc5f0\ubc29 \ubbfc\uac04 \ud589\uc815\ubd80(FCEB) \uae30\uad00\uc740 <a class=\"\" href=\"https:\/\/www.cisa.gov\/news-events\/directives\/bod-22-01-reducing-significant-risk-known-exploited-vulnerabilities\">\uc6b4\uc601 \uc9c0\uce68 22-01\uc5d0 \ub530\ub77c<\/a> KEV\uc5d0 \ub098\uc5f4\ub41c \ucde8\uc57d\uc810\uc744 \uc815\ud574\uc9c4 \uc2dc\uac04 \ub0b4\uc5d0 \uc218\uc815\ud574\uc57c \ud569\ub2c8\ub2e4. \uc774 \uc9c0\uce68\uc740 \uc815\ubd80 \ub124\ud2b8\uc6cc\ud06c\uc5d0\uc11c \ubcf4\ub2e4 \uac15\ub825\ud55c \ubcf4\uc548 \uc704\uce58\ub97c \uc120\ud638\ud558\uc5ec \uc801\uadf9\uc801\uc73c\ub85c \uc545\uc6a9\ub418\ub294 CVE\uc5d0 \ub300\ud55c \uad6c\uc870\uc801\uc774\uace0 \uc6b0\uc120\uc21c\uc704\uac00 \uc788\ub294 \ub300\uc751\uc744 \uc694\uad6c\ud569\ub2c8\ub2e4.<br>\uc774 \uc9c0\uce68\uc740 \uc5f0\ubc29 \uae30\uad00\uc744 \ub300\uc0c1\uc73c\ub85c \ud558\uc9c0\ub9cc, CISA\ub294 \ubaa8\ub4e0 \uc870\uc9c1\u2014\ubbfc\uac04 \uae30\uc5c5, \uc911\uc694 \uc778\ud504\ub77c \uc81c\uacf5\uc790, SaaS \uacf5\uae09\uc5c5\uccb4\u2014\uac00 KEV \uce74\ud0c8\ub85c\uadf8\ub97c \uae34\uae09 \uc218\uc815 \ubaa9\ub85d\uc73c\ub85c \uc0ac\uc6a9\ud560 \uac83\uc744 \uac15\ub825\ud788 \uad8c\uc7a5\ud569\ub2c8\ub2e4.<\/p>\n\n\n<h2 class=\"wp-block-heading\" id=\"expert-advice-for-security-teams\"><strong>\ubcf4\uc548 \ud300\uc744 \uc704\ud55c \uc804\ubb38\uac00 \uc870\uc5b8<\/strong><\/h2>\n\n\n<p>\ubcf4\uc548 \ube0c\ub9ac\ud551\uc5d0\uc11c \uc6b0\ub9ac\ub294 Commvault \ub610\ub294 Yii \uc124\uce58\ub97c \uac10\ub3c5\ud558\ub294 \uad00\ub9ac\uc790\uc5d0\uac8c \uc989\uac01\uc801\uc778 \uc870\uce58\ub97c \uad8c\uc7a5\ud569\ub2c8\ub2e4:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Commvault \uba85\ub839 \uc13c\ud130 \ubc0f Yii \uae30\ubc18 \uc6f9 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc758 \ubaa8\ub4e0 \uc124\uce58\ub97c \uac10\uc0ac\ud558\uc2ed\uc2dc\uc624.<\/li>\n\n\n\n<li>\uac00\ub2a5\ud55c \ud55c \ube68\ub9ac \ud328\uce58\ud558\uac70\ub098 \uc644\ud654 \uc870\uce58\ub97c \uc801\uc6a9\ud558\uc2ed\uc2dc\uc624. \uacf5\uac1c\uc801\uc73c\ub85c \uc545\uc6a9\ub41c \ucde8\uc57d\uc810\uc5d0 \ub300\ud55c \ud328\uce58\uac00 \uc9c0\uc5f0\ub418\uba74 \uc9c1\uc811\uc801\uc778 \uc190\uc0c1\uc73c\ub85c \uc774\uc5b4\uc9c8 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/li>\n\n\n\n<li>\ud30c\uc77c \uc811\uadfc \uc81c\uc5b4 \ubc0f \uc6f9 \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \ubc29\ud654\ubcbd(WAF)\uc744 \uc801\uc6a9\ud558\uc5ec \uacbd\ub85c \ud0d0\uc0c9 \ub610\ub294 \ub300\uccb4 \uacbd\ub85c \uc811\uadfc \uc2dc\ub3c4\ub97c \uc2dd\ubcc4\ud558\uace0 \ubc29\uc9c0\ud558\uc2ed\uc2dc\uc624.<\/li>\n\n\n\n<li>Track CISA\u2019s KEV Catalog on a weekly basis\u2014incorporate into automated vulnerability scanning and remediation processes.<\/li>\n\n\n\n<li>\uc811\uadfc \ub85c\uadf8\ub97c \uac10\uc0ac\ud558\uace0 \uc774\uc804 \uc545\uc6a9\uc758 \uc9d5\ud6c4\ub97c \ucc3e\uae30 \uc704\ud574 \uc704\ud611 \uc0ac\ub0e5\uc744 \uc218\ud589\ud558\uc2ed\uc2dc\uc624, \ud2b9\ud788 \uc678\ubd80\uc5d0 \ub178\ucd9c\ub41c \uc2dc\uc2a4\ud15c\uc5d0\uc11c.<\/li>\n<\/ul>\n\n\n\n<p><strong>\ucd5c\uc885 \uc0dd\uac01:<\/strong> CISA\u2019s continuous updates to the KEV catalog represent a vital warning system. Not responding to these warnings is the same as keeping known entry points open for cybercriminals, who are actively taking advantage of them. Regardless of whether you belong to the private or public sector, handle each KEV addition with the highest priority. Proactive vulnerability management is no longer a choice\u2014it\u2019s a necessity to securing the modern enterprise.<\/p>","protected":false},"excerpt":{"rendered":"<p>\uc0ac\uc774\ubc84 \ubcf4\uc548 \ubc0f \uc778\ud504\ub77c \ubcf4\uc548\uad6d(CISA)\uc740 \uc5f0\ubc29 \ubc0f \ubbfc\uac04 \ubd80\ubb38 \uc218\ube44\uc218 \ubaa8\ub450\uc5d0\uac8c \uc911\uc694\ud55c \uc815\ubcf4 \ucd9c\ucc98\uc778 \uc54c\ub824\uc9c4 \uc545\uc6a9 \ucde8\uc57d\uc131 \uce74\ud0c8\ub85c\uadf8(KEV)\ub97c \ub2e4\uc2dc \uc5c5\ub370\uc774\ud2b8\ud588\uc2b5\ub2c8\ub2e4. 2025\ub144 5\uc6d4 2\uc77c,\u2026 <a class=\"more-link\" href=\"https:\/\/securitybriefing.net\/ko\/%eb%89%b4%ec%8a%a4\/cisa-%eb%91%90-%ea%b0%9c%ec%9d%98-%eb%86%92%ec%9d%80-%ec%9c%84%ed%97%98-%ec%b7%a8%ec%95%bd%ec%a0%90%ec%9d%84-%ec%95%85%ec%9a%a9%eb%90%9c-%ec%b9%b4%ed%83%88%eb%a1%9c%ea%b7%b8%ec%97%90-%ec%b6%94\/\"><span class=\"screen-reader-text\">CISA, \ub450 \uac1c\uc758 \uace0\uc704\ud5d8 \ucde8\uc57d\uc810\uc744 \uc545\uc6a9 \uce74\ud0c8\ub85c\uadf8\uc5d0 \ucd94\uac00: \ubcf4\uc548 \ud300\uc774 \uc9c0\uae08 \ud574\uc57c \ud560 \uc77c<\/span> <strong>\uacc4\uc18d \uc77d\uae30<\/strong><\/a><\/p>","protected":false},"author":3,"featured_media":3798,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23],"tags":[],"class_list":["post-3797","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securitybriefing.net\/ko\/\ub274\uc2a4\/cisa-\ub450-\uac1c\uc758-\ub192\uc740-\uc704\ud5d8-\ucde8\uc57d\uc810\uc744-\uc545\uc6a9\ub41c-\uce74\ud0c8\ub85c\uadf8\uc5d0-\ucd94\/\" \/>\n<meta property=\"og:locale\" content=\"ko_KR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing\" \/>\n<meta property=\"og:description\" content=\"The Cybersecurity and Infrastructure Security Agency (CISA) again refreshed its Known Exploited Vulnerabilities Catalog (KEV)\u2014a critical source of information for both federal and private sector defenders. On May 2, 2025,&hellip; CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now \uacc4\uc18d \uc77d\uae30\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securitybriefing.net\/ko\/\ub274\uc2a4\/cisa-\ub450-\uac1c\uc758-\ub192\uc740-\uc704\ud5d8-\ucde8\uc57d\uc810\uc744-\uc545\uc6a9\ub41c-\uce74\ud0c8\ub85c\uadf8\uc5d0-\ucd94\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Briefing\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-04T19:25:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-04T19:25:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"966\" \/>\n\t<meta property=\"og:image:height\" content=\"425\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"C\u00e9sar Daniel Barreto\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\uae00\uc4f4\uc774\" \/>\n\t<meta name=\"twitter:data1\" content=\"C\u00e9sar Daniel Barreto\" \/>\n\t<meta name=\"twitter:label2\" content=\"\uc608\uc0c1 \ub418\ub294 \ud310\ub3c5 \uc2dc\uac04\" \/>\n\t<meta name=\"twitter:data2\" content=\"3\ubd84\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\"},\"author\":{\"name\":\"C\u00e9sar Daniel Barreto\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c\"},\"headline\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now\",\"datePublished\":\"2025-05-04T19:25:49+00:00\",\"dateModified\":\"2025-05-04T19:25:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\"},\"wordCount\":464,\"publisher\":{\"@id\":\"https:\/\/securitybriefing.net\/#organization\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"articleSection\":[\"News\"],\"inLanguage\":\"ko-KR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\",\"url\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\",\"name\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing\",\"isPartOf\":{\"@id\":\"https:\/\/securitybriefing.net\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"datePublished\":\"2025-05-04T19:25:49+00:00\",\"dateModified\":\"2025-05-04T19:25:53+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb\"},\"inLanguage\":\"ko-KR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"ko-KR\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage\",\"url\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"contentUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg\",\"width\":966,\"height\":425,\"caption\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securitybriefing.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securitybriefing.net\/#website\",\"url\":\"https:\/\/securitybriefing.net\/\",\"name\":\"Security Briefing\",\"description\":\"Read cybersecurity news, online safety guides, cyber threat updates, and use free security tools from Security Briefing.\",\"publisher\":{\"@id\":\"https:\/\/securitybriefing.net\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securitybriefing.net\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ko-KR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/securitybriefing.net\/#organization\",\"name\":\"Security Briefing\",\"url\":\"https:\/\/securitybriefing.net\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ko-KR\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png\",\"contentUrl\":\"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png\",\"width\":256,\"height\":70,\"caption\":\"Security Briefing\"},\"image\":{\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c\",\"name\":\"C\u00e9sar Daniel Barreto\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ko-KR\",\"@id\":\"https:\/\/securitybriefing.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g\",\"caption\":\"C\u00e9sar Daniel Barreto\"},\"description\":\"C\u00e9sar Daniel Barreto is an esteemed cybersecurity writer and expert, known for his in-depth knowledge and ability to simplify complex cyber security topics. With extensive experience in network security and data protection, he regularly contributes insightful articles and analysis on the latest cybersecurity trends, educating both professionals and the public.\",\"url\":\"https:\/\/securitybriefing.net\/ko\/author\/cesarbarreto\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CISA, \ub450 \uac1c\uc758 \uace0\uc704\ud5d8 \ucde8\uc57d\uc810\uc744 \uc545\uc6a9\ub41c \uce74\ud0c8\ub85c\uadf8\uc5d0 \ucd94\uac00: \ubcf4\uc548 \ud300\uc774 \uc9c0\uae08 \ud574\uc57c \ud560 \uc77c | \ubcf4\uc548 \ube0c\ub9ac\ud551","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securitybriefing.net\/ko\/\ub274\uc2a4\/cisa-\ub450-\uac1c\uc758-\ub192\uc740-\uc704\ud5d8-\ucde8\uc57d\uc810\uc744-\uc545\uc6a9\ub41c-\uce74\ud0c8\ub85c\uadf8\uc5d0-\ucd94\/","og_locale":"ko_KR","og_type":"article","og_title":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now | Security Briefing","og_description":"The Cybersecurity and Infrastructure Security Agency (CISA) again refreshed its Known Exploited Vulnerabilities Catalog (KEV)\u2014a critical source of information for both federal and private sector defenders. On May 2, 2025,&hellip; CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now \uacc4\uc18d \uc77d\uae30","og_url":"https:\/\/securitybriefing.net\/ko\/\ub274\uc2a4\/cisa-\ub450-\uac1c\uc758-\ub192\uc740-\uc704\ud5d8-\ucde8\uc57d\uc810\uc744-\uc545\uc6a9\ub41c-\uce74\ud0c8\ub85c\uadf8\uc5d0-\ucd94\/","og_site_name":"Security Briefing","article_published_time":"2025-05-04T19:25:49+00:00","article_modified_time":"2025-05-04T19:25:53+00:00","og_image":[{"width":966,"height":425,"url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","type":"image\/jpeg"}],"author":"C\u00e9sar Daniel Barreto","twitter_card":"summary_large_image","twitter_misc":{"\uae00\uc4f4\uc774":"C\u00e9sar Daniel Barreto","\uc608\uc0c1 \ub418\ub294 \ud310\ub3c5 \uc2dc\uac04":"3\ubd84"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#article","isPartOf":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/"},"author":{"name":"C\u00e9sar Daniel Barreto","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c"},"headline":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now","datePublished":"2025-05-04T19:25:49+00:00","dateModified":"2025-05-04T19:25:53+00:00","mainEntityOfPage":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/"},"wordCount":464,"publisher":{"@id":"https:\/\/securitybriefing.net\/#organization"},"image":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage"},"thumbnailUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","articleSection":["News"],"inLanguage":"ko-KR"},{"@type":"WebPage","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/","url":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/","name":"CISA, \ub450 \uac1c\uc758 \uace0\uc704\ud5d8 \ucde8\uc57d\uc810\uc744 \uc545\uc6a9\ub41c \uce74\ud0c8\ub85c\uadf8\uc5d0 \ucd94\uac00: \ubcf4\uc548 \ud300\uc774 \uc9c0\uae08 \ud574\uc57c \ud560 \uc77c | \ubcf4\uc548 \ube0c\ub9ac\ud551","isPartOf":{"@id":"https:\/\/securitybriefing.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage"},"image":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage"},"thumbnailUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","datePublished":"2025-05-04T19:25:49+00:00","dateModified":"2025-05-04T19:25:53+00:00","breadcrumb":{"@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb"},"inLanguage":"ko-KR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/"]}]},{"@type":"ImageObject","inLanguage":"ko-KR","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#primaryimage","url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","contentUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2025\/05\/CISA-Adds-Two-High-Risk-Vulnerabilities-to-Exploited-Catalog.jpg","width":966,"height":425,"caption":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog"},{"@type":"BreadcrumbList","@id":"https:\/\/securitybriefing.net\/news\/cisa-adds-two-high-risk-vulnerabilities-to-exploited-catalog-what-security-teams-should-do-now\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securitybriefing.net\/"},{"@type":"ListItem","position":2,"name":"CISA Adds Two High-Risk Vulnerabilities to Exploited Catalog: What Security Teams Should Do Now"}]},{"@type":"WebSite","@id":"https:\/\/securitybriefing.net\/#website","url":"https:\/\/securitybriefing.net\/","name":"\ubcf4\uc548 \ube0c\ub9ac\ud551","description":"Read cybersecurity news, online safety guides, cyber threat updates, and use free security tools from Security Briefing.","publisher":{"@id":"https:\/\/securitybriefing.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securitybriefing.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ko-KR"},{"@type":"Organization","@id":"https:\/\/securitybriefing.net\/#organization","name":"\ubcf4\uc548 \ube0c\ub9ac\ud551","url":"https:\/\/securitybriefing.net\/","logo":{"@type":"ImageObject","inLanguage":"ko-KR","@id":"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/","url":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png","contentUrl":"https:\/\/securitybriefing.net\/wp-content\/uploads\/2023\/06\/security-briefing-logo-5.png","width":256,"height":70,"caption":"Security Briefing"},"image":{"@id":"https:\/\/securitybriefing.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/164e5a0bfff5012ebfb8eb4d03c2c24c","name":"\uc138\uc790\ub974 \ub2e4\ub2c8\uc5d8 \ubc14\ub808\ud1a0","image":{"@type":"ImageObject","inLanguage":"ko-KR","@id":"https:\/\/securitybriefing.net\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9e709cab74f02e628ffc32849980d0ea51903be7d4bcb52e99250bac60f0b683?s=96&d=mm&r=g","caption":"C\u00e9sar Daniel Barreto"},"description":"\uc138\uc790\ub974 \ub2e4\ub2c8\uc5d8 \ubc14\ub808\ud1a0\ub294 \uc0ac\uc774\ubc84 \ubcf4\uc548\uc5d0 \ub300\ud55c \uae4a\uc774 \uc788\ub294 \uc9c0\uc2dd\uacfc \ubcf5\uc7a1\ud55c \uc0ac\uc774\ubc84 \ubcf4\uc548 \uc8fc\uc81c\ub97c \ub2e8\uc21c\ud654\ud558\ub294 \ub2a5\ub825\uc73c\ub85c \uc720\uba85\ud55c \uc800\uba85\ud55c \uc0ac\uc774\ubc84 \ubcf4\uc548 \uc791\uac00\uc774\uc790 \uc804\ubb38\uac00\uc785\ub2c8\ub2e4. \ub124\ud2b8\uc6cc\ud06c \ubcf4\uc548 \ubc0f \ub370\uc774\ud130 \ubcf4\ud638 \ubd84\uc57c\uc5d0\uc11c \ud3ed\ub113\uc740 \uacbd\ud5d8\uc744 \uc313\uc740 \uadf8\ub294 \uc815\uae30\uc801\uc73c\ub85c \ucd5c\uc2e0 \uc0ac\uc774\ubc84 \ubcf4\uc548 \ud2b8\ub80c\ub4dc\uc5d0 \ub300\ud55c \ud1b5\ucc30\ub825 \uc788\ub294 \uae30\uace0\uc640 \ubd84\uc11d\uc744 \ud1b5\ud574 \uc804\ubb38\uac00\uc640 \uc77c\ubc18\uc778 \ubaa8\ub450\ub97c \uad50\uc721\ud558\uace0 \uc788\uc2b5\ub2c8\ub2e4.","url":"https:\/\/securitybriefing.net\/ko\/author\/cesarbarreto\/"}]}},"_links":{"self":[{"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/posts\/3797","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/comments?post=3797"}],"version-history":[{"count":0,"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/posts\/3797\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/media\/3798"}],"wp:attachment":[{"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/media?parent=3797"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/categories?post=3797"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securitybriefing.net\/ko\/wp-json\/wp\/v2\/tags?post=3797"}],"curies":[{"name":"\uc6cc\ub4dc\ud504\ub808\uc2a4 (wp)","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}