CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal businesses should patch the issues by September 15, 2025.
The US authorities’s Cybersecurity and Infrastructure Safety Company (CISA) has added three new vulnerabilities to its record of flaws which are actively being exploited by hackers, warning federal businesses to patch them instantly. The pressing alert, issued on August 25, 2025, covers two vulnerabilities in Citrix Session Recording and a serious flaw in Git, the favored code administration system.
These vulnerabilities have been added to the Recognized Exploited Vulnerabilities (KEV) Catalogue, a public record of safety points which are confirmed to be underneath assault. Whereas the mandate to repair these vulnerabilities applies on to federal authorities businesses, CISA strongly urges all personal organisations to deal with these as a prime precedence for remediation to guard in opposition to cyber threats.
Flaws in Citrix and Git
Two of the newly added vulnerabilities, recognized as CVE-2024-8068 and CVE-2024-8069, have an effect on Citrix Session Recording. Each of those flaws have a CVSS rating of 5.1, which is taken into account a medium-severity ranking.
Reportedly, these flaws might enable an attacker who’s already inside a community to take over a system and run malicious code. The vulnerabilities can solely be exploited by an authenticated consumer on the identical community, that means a hacker must have a foothold contained in the system first. Citrix launched safety patches for each of those points again in November 2024.
The third vulnerability, CVE-2025-48384, impacts Git, a device that hundreds of thousands of builders use to handle and share their code. This explicit flaw, which was given a excessive severity rating of 8.1, stems from how Git handles sure textual content characters in its configuration information.
An attacker might exploit this by composing a malicious file that, when a consumer clones a repository, might result in a silent and surprising code execution on their machine. A proof-of-concept for this exploit was launched by Datadog shortly after it was patched by Git in July 2025.
The Name to Motion
To adjust to Binding Operational Directive (BOD) 22-01, all US Federal Civilian Govt Department businesses should repair these vulnerabilities by September 15, 2025. CISA emphasises that every one organisations ought to make it a apply to often evaluate the KEV Catalogue and prioritise fixing the issues listed, as they symbolize essentially the most instant and important dangers being exploited within the wild.
In a remark shared with Hackread.com, Gunter Ollmann, CTO of Cobalt, emphasised the significance of this alert for everybody. He defined that even reasonable safety flaws can change into extremely harmful when hackers have entry to dependable instruments to use them.
“Organisations ought to deal with the KEV catalogue as a dwelling risk intelligence feed, prioritising remediation of those vulnerabilities as a result of they symbolize what attackers are actively exploiting in the present day,” he acknowledged.
This highlights that the vulnerabilities on this record should not simply theoretical dangers; they’re the lively weapons in an attacker’s arsenal proper now.
