<ul><li>U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog.</li><li>Vietnamese cybercrime group XE Group is exploiting the Advantive VeraCore vulnerabilities, deploying reverse shells and web shells for remote access.</li><li>No real-world attacks exploiting the Ivanti EPM flaws have been reported, but PoC exploit code is available.</li><li>CISA orders federal agencies to address these vulnerabilities by March 31, 2025.</li></ul>

U.S. CISA adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog

Discover more