CISA has added a new vulnerability, CVE-2025-61757, to its KEV Catalog, indicating active exploitation and increasing risks for federal systems. While primarily targeting FCEB agencies, CISA advises all organizations to prioritize remediation efforts against known exploited vulnerabilities. #CVE202561757 #OracleFusionMiddleware
Keypoints
- CISA added CVE-2025-61757 to the KEV Catalog due to active exploitation evidence.
- This vulnerability affects Oracle Fusion Middleware and involves missing authentication.
- The KEV Catalog is part of BOD 22-01, which mandates remediation for federal agencies.
- CISA urges all organizations to address KEV vulnerabilities promptly to reduce cyber risks.
- The KEV Catalog is continuously updated with vulnerabilities that pose significant threats.