<ul><li>U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog.</li><li>The vulnerability CVE-2025-30406 (CVSS score 9.0) is a deserialization issue due to the CentreStack portal’s hardcoded machineKey use. It has been addressed in version 16.4.10315.56368 released on April 3, 2025.</li><li>The vulnerability CVE-2025-29824 (CVSS score of 7.8) is a Use after free in Windows Common Log File System Driver. It has been exploited in attacks in the wild.</li><li>CISA orders federal agencies to fix this vulnerability by April 29, 2025.</li></ul>

U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog

Discover more