
CISA KEV Catalog Updated with Adobe ColdFusion and Oracle Agile PLM Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) catalog by adding two significant security flaws – one affecting Adobe ColdFusion and the other impacting Oracle Agile Product Lifecycle Management (PLM).


CVE-2017-3066 in Adobe ColdFusion

The first vulnerability, CVE-2017-3066 (CVSS score: 9.8), is a deserialization flaw in the Apache BlazeDS library bundled with Adobe ColdFusion. It permits arbitrary code execution and, although it was remediated back in April 2017, its inclusion in the KEV catalog underscores the continuing risk posed by legacy systems that remain unpatched.

CVE-2024-20953 in Oracle Agile PLM

The second vulnerability, CVE-2024-20953 (CVSS score: 8.8), affects Oracle Agile PLM. This flaw allows a low-privileged attacker with HTTP network access to compromise the system. It was fixed in January 2024. Although there are no widespread public reports of active exploitation of these two specific vulnerabilities, a related Oracle Agile PLM flaw (CVE-2024-21287, CVSS score: 7.5) was actively exploited late last year, a reminder of the potential risks.

In light of these developments, CISA recommends that organizations promptly apply all necessary updates to mitigate potential attacks. Federal agencies, in particular, have until March 17, 2025, to ensure their networks are secured against these threats.
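To turn a KEV update like this one into a prioritized patch queue, the following added example (not from the article, CISA or either vendor) matches scanner findings against a KEV-style catalog and ranks them by the catalog's due date. The catalog and the findings are constructed samples in the shape of CISA's JSON feed; the asset names are hypothetical, and only the CVE IDs, products and the March 17, 2025 due date come from the article.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed (field names as
# published by CISA). Only the CVE IDs, products and the March 17, 2025
# federal due date come from the article; the rest is illustrative.
SAMPLE_KEV_JSON = """{
  "vulnerabilities": [
    {"cveID": "CVE-2017-3066", "vendorProject": "Adobe", "product": "ColdFusion",
     "dueDate": "2025-03-17"},
    {"cveID": "CVE-2024-20953", "vendorProject": "Oracle",
     "product": "Agile Product Lifecycle Management (PLM)", "dueDate": "2025-03-17"}
  ]
}"""

# Constructed scanner output: CVE IDs observed on internal assets (hypothetical names).
SAMPLE_FINDINGS = [
    {"asset": "cf-legacy-01", "cve": "CVE-2017-3066"},
    {"asset": "plm-app-02", "cve": "CVE-2024-20953"},
    {"asset": "plm-app-02", "cve": "CVE-2024-21287"},    # not in the sample catalog
    {"asset": "edge-rtr-07", "cve": "CVE-2023-20198"},   # not in the sample catalog
]

def load_kev(kev_json: str) -> dict:
    """Index a KEV feed by CVE ID for direct lookups."""
    return {v["cveID"]: v for v in json.loads(kev_json)["vulnerabilities"]}

def triage(findings: list, kev_index: dict, today_iso: str) -> list:
    """Return the findings that KEV lists, ordered by the catalog due date.

    days_left is negative once the due date has passed, so overdue items
    sort to the top of the patch queue.
    """
    today = date.fromisoformat(today_iso)
    hits = []
    for f in findings:
        entry = kev_index.get(f["cve"])
        if entry is None:
            continue    # not in KEV: still patch, but on the normal cycle
        days_left = (date.fromisoformat(entry["dueDate"]) - today).days
        hits.append({"asset": f["asset"], "cve": f["cve"],
                     "product": f"{entry['vendorProject']} {entry['product']}",
                     "due_date": entry["dueDate"], "days_left": days_left,
                     "overdue": days_left < 0})
    return sorted(hits, key=lambda h: h["days_left"])

def not_in_kev(findings: list, kev_index: dict) -> list:
    """CVEs from the scan that the catalog does not (yet) list."""
    return sorted({f["cve"] for f in findings if f["cve"] not in kev_index})
```

In practice the catalog string is replaced by the downloaded KEV feed and the findings by the output of the organization's own scanner; the `not_in_kev` list is the set that still needs routine patching outside the KEV deadline.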

Other Notable Vulnerabilities Now Exploited in the Wild

Threat intelligence firm GreyNoise has also reported active exploitation attempts targeting another now-patched Cisco vulnerability (CVE-2023-20198). GreyNoise observed that approximately 110 malicious IP addresses, primarily from Bulgaria, Brazil, and Singapore, have been linked to this activity.

In a related analysis, the GreyNoise Research Team noted that during December 2024 and January 2025, two malicious IP addresses, originating from Switzerland and the United States respectively, exploited a separate critical Cisco vulnerability (CVE-2018-0171). The flaw was discovered in Cisco IOS Software and Cisco IOS XE Software, and could lead to remote code execution and a denial-of-service condition.

These incidents coincided with reported breaches of telecom networks by Salt Typhoon, a Chinese state-sponsored threat group that exploited vulnerabilities in Cisco devices, including CVE-2023-20198 and another flaw identified as CVE-2023-20273, as reported by cybersecurity news outlets.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim


1 Comment
  1. Filip

    Patching fixes critical exploits, but watch for downtime or compatibility issues. Test before deploying!

