CISA Flags D-Link, Fortinet Flaws in Exploits List

The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling active threats to critical systems. CISA flags D-Link flaws among the trio, alongside issues affecting AMI’s MegaRAC and Fortinet’s FortiOS. The agency urged immediate mitigation to reduce potential exposure to attacks.

The vulnerabilities include CVE-2024-54085, a critical flaw in AMI MegaRAC with a maximum CVSS score of 10.0, allowing authentication bypass through spoofing. The second flaw targets D-Link DIR-859 routers, while the third affects Fortinet FortiOS, both identified as actively exploited in the wild. CISA flags D-Link flaws as part of a growing concern over vulnerabilities in consumer-grade networking hardware.

CISA’s KEV catalog highlights threats that attackers are actively using, making timely patching essential. Organizations using affected products should assess exposure and apply security updates without delay.

Read the official report for more details:
https://thehackernews.com/2025/06/cisa-adds-3-flaws-to-kev-catalog.html