{"id":749,"date":"2026-04-29T09:36:01","date_gmt":"2026-04-29T09:36:01","guid":{"rendered":"https:\/\/thedigitalfortress.us\/?p=749"},"modified":"2026-04-29T09:36:01","modified_gmt":"2026-04-29T09:36:01","slug":"cisa-adds-actively-exploited-connectwise-and-windows-flaws-to-kev","status":"publish","type":"post","link":"https:\/\/thedigitalfortress.us\/?p=749","title":{"rendered":"CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV"},"content":{"rendered":"<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">Apr 29, 2026<\/span><\/span><span class=\"p-tags\">Vulnerability \/ Network Security<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a href=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEifGMiUJH-3-Yk7Hnve0k2mPxHZecIbCTTN7z_CosJp8GhI7hira6707ALIDB4skUc8UbRdmWtbhz4n9fe8T-h3OGzul9awiw8DFsnsSORkjKfXr4dgEGX_ncQ7dWBYGAhyU3Efo8-z_YPCEFC_bUDH8eYeX_w6QcDrOWTnpRXqOF_IATm0t-xxMJp6uYWc\/s1700-e365\/windows-logo.jpg\" style=\"display: block;  text-align: center; clear: left; float: left;\"><\/a><\/div>\n<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2026\/04\/28\/cisa-adds-two-known-exploited-vulnerabilities-catalog\">added<\/a> two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (<a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">KEV<\/a>) catalog, based on evidence of active exploitation.<\/p>\n<p>The vulnerabilities are listed below &#8211;<\/p>\n<ul>\n<li><strong>CVE-2024-1708<\/strong> (CVSS score: 8.4) &#8211; A path traversal vulnerability in\u00a0 ConnectWise ScreenConnect that could allow an attacker to execute remote code or directly impact confidential data and critical systems. (Fixed in February 2024)<\/li>\n<li><strong>CVE-2026-32202<\/strong> (CVSS score: 4.3) &#8211; A protection mechanism failure vulnerability in\u00a0 Microsoft Windows Shell that could allow an unauthorized attacker to perform spoofing over a network. (Fixed in April 2026)<\/li>\n<\/ul>\n<div class=\"dog_two clear\">\n<div class=\"cf\"><a href=\"https:\/\/thehackernews.uk\/ai-agentic-guide-d-3\" rel=\"nofollow noopener sponsored\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybersecurity\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgKLSgj9Smgyqpn4Kj-zAzWxJG1LUku8TpOERMxD6_hmMZQtXRFYXU-NA2ocnjrRafjkLtrxujKRuBstSZ4Il5z6hOu4oa7UM1FjkNoRQqrF5MWlShygYIqpnMGxHX2RHEBh9Y40x-p4PKn3cSlaWTEwKiVBDSoJgLPzR09dmp8HBffLlIqro73HVD30D00\/s728-e100\/nudge-d-3.jpg\" width=\"729\" height=\"91\"\/><\/a><\/div>\n<\/div>\n<p>The addition of CVE-2026-32202 to the KEV catalog comes a day after Microsoft updated its advisory\u00a0for the flaw to acknowledge it had come under active exploitation.<\/p>\n<p>Although Microsoft has not disclosed the nature of the attacks weaponizing the flaw, Akamai said the vulnerability stemmed from an incomplete patch for CVE-2026-21510, which was exploited as a zero-day alongside CVE-2026-21513 by the Russian hacking group APT28 in attacks targeting Ukraine and E.U. countries since December 2025.<\/p>\n<p>Attacks exploiting CVE-2024-1708, on the other hand, have been chained with CVE-2024-1709 (CVSS score: 10.0), a <a href=\"https:\/\/www.connectwise.com\/company\/trust\/security-bulletins\/connectwise-screenconnect-23.9.8\">critical authentication bypass<\/a> vulnerability, by multiple threat actors over the years. Earlier this month, Microsoft linked the exploitation of the flaws to a China-based threat actor it tracks as Storm-1175 in attacks deploying Medusa ransomware.<\/p>\n<p>It&#8217;s worth noting that CISA added CVE-2024-1709 to the KEV catalog on February 22, 2024. Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary fixes by May 12, 2026, to secure their networks.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\ue804Ravie Lakshmanan\ue802Apr 29, 2026Vulnerability \/ Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known&hellip;<\/p>\n","protected":false},"author":1,"featured_media":750,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[201,200,62,1464,128,11,203,307],"class_list":["post-749","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-actively","tag-adds","tag-cisa","tag-connectwise","tag-exploited","tag-flaws","tag-kev","tag-windows"],"_links":{"self":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/posts\/749","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=749"}],"version-history":[{"count":0,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/posts\/749\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=\/wp\/v2\/media\/750"}],"wp:attachment":[{"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=749"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=749"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thedigitalfortress.us\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=749"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}