
CISA Adds 3 Cisco SD-WAN Manager Flaws to Actively Exploited List

Posted on April 21, 2026


Agency puts another 5 vulnerabilities in products from PaperCut, JetBrains, Kentico, Quest and Zimbra on its Known Exploited Vulnerabilities list.

The US Cybersecurity and Infrastructure Security Agency (CISA) has added eight vulnerabilities to its catalog of known exploited vulnerabilities (KEV), citing active exploit activity.

Three of the flaws impact Cisco Catalyst SD-WAN Manager. They have a near-immediate due date of April 23, 2026, meaning federal civilian executive branch (FCEB) agencies have until this upcoming Thursday to apply the vendor’s recommended remediation for the flaws, or to stop using the product until they can do so.

The remaining flaws affect products from PaperCut, JetBrains, Kentico, Quest and Zimbra. All of these vulnerabilities have a fix-by date of May 4, 2026.

CVE-2023-27351 (CVSS: 8.2) PaperCut NG/MF Improper Authentication Vulnerability

  • CVE-2023-27351 is a high-severity authentication bypass vulnerability in PaperCut NG/MF print management servers that allows remote attackers to gain access to affected systems without any credentials.
  • Impact: Remote attackers can exploit the flaw to potentially access sensitive data and administrative functions on vulnerable servers.
  • Original vendor advisory: https://www.papercut.com/kb/Main/PO-1216-and-PO-1219

CVE-2024-27199 (CVSS: 7.3) JetBrains TeamCity Relative Path Traversal Vulnerability

  • CVE-2024-27199 is a high-severity path traversal vulnerability in the JetBrains TeamCity continuous integration and deployment platform that allows unauthenticated attackers to bypass access controls and perform limited administrative actions on vulnerable servers.
  • Impact: Enables unauthenticated remote attackers to access sensitive configuration data or manipulate build pipelines.
  • Original vendor advisory: https://www.jetbrains.com/privacy-security/issues-fixed/

CVE-2025-2749 (CVSS: 7.2) Kentico Xperience Path Traversal Vulnerability

  • CVE-2025-2749 affects Kentico Xperience, a content management and digital experience platform that organizations use to build and manage websites, customer portals, and marketing content. The flaw allows an authenticated user to exploit a staging sync feature to perform path traversal and upload malicious files, ultimately enabling remote code execution on the server.
  • Impact: A successful exploit could let attackers run arbitrary code on the underlying server and completely take over an affected system.
  • Third-party advisory: https://www.vulncheck.com/advisories/kentico-xperience-staging-media-file-upload-authenticated-rce

CVE-2025-32975 (CVSS: N/A) Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability

  • CVE-2025-32975 is a critical authentication bypass vulnerability in Quest KACE Systems Management Appliance (SMA), a product for centralizing endpoint management functions like asset inventory, software deployment, patching, and monitoring across enterprise devices.
  • Impact: Unauthenticated attackers can use it to impersonate legitimate users and gain administrative access without credentials.
  • Original vendor advisory: https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978

CVE-2025-48700 (CVSS: 6.1) Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

  • CVE-2025-48700 affects the Zimbra Collaboration Suite (ZCS), an enterprise email and collaboration platform. The cross-site scripting (XSS) flaw lets attackers inject and execute malicious JavaScript when a user simply views a crafted email.
  • Impact: Exploitation can lead to session hijacking and unauthorized access to sensitive mailbox data, and requires minimal or no user interaction.
  • Original vendor advisory: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

CVE-2026-20122 (CVSS: 5.4) Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability

  • CVE-2026-20122 is an improper file handling error in Cisco Catalyst SD-WAN Manager, which organizations use to control and monitor software-defined wide area networks (SD-WAN) across distributed sites and branch offices. An authenticated attacker with low-level (read-only) access can use it to upload malicious files and overwrite arbitrary files on the system.
  • Impact: Successful exploitation can lead to privilege escalation and potential network disruption.
  • Original vendor advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

CVE-2026-20128 (CVSS: 7.5) Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability

  • CVE-2026-20128 affects the Data Collection Agent (DCA) feature in Cisco Catalyst SD-WAN Manager. Exposed credential files could allow an attacker to retrieve the DCA password and gain DCA user privileges on affected systems.
  • Impact: A remote attacker can leverage the exposed credentials to move laterally and access additional systems, expanding their foothold within the SD-WAN environment.
  • Original vendor advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

CVE-2026-20133 (CVSS: 7.5) Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

  • CVE-2026-20133 is an insufficient file system access control flaw in Cisco Catalyst SD-WAN Manager. An unauthenticated remote attacker could use it to query the system’s API and read sensitive data from the underlying operating system.
  • Impact: Successful exploitation can expose configuration data, credentials and other confidential system information for potential future attacks.
  • Original vendor advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v
