CISA Adds Two Known Exploited Vulnerabilities to Catalog
Release Date February 12, 2025
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

CVE-2025-24200 Apple iOS and iPadOS Incorrect Authorization Vulnerability
CVE-2024-41710 Mitel SIP Phones Argument Injection Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
[https://www.cisa.gov/news-events/alerts/2025/02/12/cisa-adds-two-known-exploited-vulnerabilities-catalog]