<ul data-eligibleForWebStory="true"><li>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities (KEV) catalog.</li><li>The D-Link DIR-859 Router Path Traversal Vulnerability (CVE-2024-0769) can lead to information disclosure, and hackers are exploiting it to collect account information.</li><li>GreyNoise observed exploitation attempts targeting the D-Link DIR-859 routers, impacting all devices and potentially exposing user credentials.</li><li>CISA orders federal agencies to address the identified vulnerabilities by July 16, 2025, to protect against attacks exploiting the flaws in the catalog.</li></ul>

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

Discover more