
【Vulnerability Alert】CISA Adds 14 Known Exploited Vulnerabilities to the KEV Catalog (2026/04/20-2026/04/26) (Part 1)

Publish date: 2026-04-30  Update date: 2026-04-30

Source: Ministry of education information & communication security contingency platform


Publication Number: TACERT-ANA-2026042704043939    Publication Time: 2026/04/27 16:49
Incident Type: ANA-Vulnerability Alert    Discovery Time: 2026/04/27 16:49
Impact Level: Low
[Subject]
【Vulnerability Alert】CISA Adds 14 Known Exploited Vulnerabilities to the KEV Catalog (2026/04/20-2026/04/26) (Part 1)
[Content]
Forwarded from TWCERTCC-200-202604-00000027

【CVE-2026-20122】Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability (CVSS v3.1: 5.4)
【Whether exploited by ransomware: Unknown】 Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability. An attacker can exploit this vulnerability by uploading a malicious file to the local file system. After successful exploitation, the attacker can overwrite arbitrary files on the affected system and obtain vmanage user privileges.

【CVE-2026-20133】Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVSS v3.1: 6.5)
【Whether exploited by ransomware: Unknown】 Cisco Catalyst SD-WAN Manager contains a vulnerability that exposes sensitive information to an unauthorized actor, which may allow a remote attacker to view sensitive information on the affected system.

【CVE-2025-2749】Kentico Xperience Path Traversal Vulnerability (CVSS v3.1: 7.2)
【Whether exploited by ransomware: Unknown】 Kentico Xperience contains a path traversal vulnerability, which may allow an authenticated user’s Staging Sync Server to upload arbitrary data to a relative path location.

【CVE-2023-27351】PaperCut NG/MF Improper Authentication Vulnerability (CVSS v3.1: 8.2)
【Whether exploited by ransomware: Known】 PaperCut NG/MF contains an improper authentication vulnerability, which may allow a remote attacker to bypass authentication on affected installations through the SecurityRequestFilter class.

【CVE-2025-48700】Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability (CVSS v3.1: 6.1)
【Whether exploited by ransomware: Unknown】 Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability, which may allow an attacker to execute arbitrary JavaScript in a user session, thereby leading to unauthorized access to sensitive information.

【CVE-2026-20128】Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability (CVSS v3.1: 7.5)
【Whether exploited by ransomware: Unknown】 Cisco Catalyst SD-WAN Manager contains a vulnerability in which passwords are stored in a recoverable format, allowing an authenticated local attacker with low-privileged user access to access the credential file of the DCA user in the file system, thereby obtaining DCA user privileges.

【CVE-2025-32975】Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability (CVSS v3.1: 10.0)
【Whether exploited by ransomware: Unknown】 Quest KACE Systems Management Appliance (SMA) contains an improper authentication vulnerability, which may allow an attacker to impersonate a legitimate user without valid credentials.


(Information Sharing Level: WHITE (information content can be publicly disclosed))
[Affected Platform]

【CVE-2026-20122】Please refer to the affected versions listed by the official source https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

【CVE-2026-20133】Please refer to the affected versions listed by the official source https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

【CVE-2025-2749】 Kentico Xperience versions up to and including 13.0.178

【CVE-2023-27351】Please refer to the affected versions listed by the official source https://www.papercut.com/kb/Main/PO-1216-and-PO-1219

【CVE-2025-48700】Please refer to the affected versions listed by the official source https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

【CVE-2026-20128】Please refer to the affected versions listed by the official source https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

【CVE-2025-32975】Please refer to the affected versions listed by the official source https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978

[Recommended Actions]

【CVE-2026-20122】 The official source has released a fix update for the vulnerability. Please update to the relevant version https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

【CVE-2026-20133】 The official source has released a fix update for the vulnerability. Please update to the relevant version https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

【CVE-2025-2749】 The official source has released a fix update for the vulnerability. Please update to the relevant version https://devnet.kentico.com/download/hotfixes

【CVE-2023-27351】 The official source has released a fix update for the vulnerability. Please update to the relevant version https://www.papercut.com/kb/Main/PO-1216-and-PO-1219

【CVE-2025-48700】 The official source has released a fix update for the vulnerability. Please update to the relevant version https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

【CVE-2026-20128】 The official source has released a fix update for the vulnerability. Please update to the relevant version https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

【CVE-2025-32975】 The official source has released a fix update for the vulnerability. Please update to the relevant version https://support.quest.com/kb/4379499/quest-response-to-kace-sma-vulnerabilities-cve-2025-32975-cve-2025-32976-cve-2025-32977-cve-2025-32978

[Reference]
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer: Computer Center