**U.S. CISA Takes Action Against Known Exploited Vulnerabilities**

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2025-6218, a directory traversal flaw in WinRAR, and CVE-2025-62221, a use-after-free bug in the Windows Cloud Files Mini Filter Driver (cldflt.sys). Inclusion in the KEV catalog means CISA has evidence that the flaw is being exploited in the wild.

Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies must remediate catalogued vulnerabilities by the due date CISA sets; for these two entries the deadline is December 30, 2025.

**WinRAR Directory Traversal Flaw**

The first vulnerability added to the catalog is CVE-2025-6218, a directory traversal flaw in RARLAB WinRAR. A crafted archive can make WinRAR write files outside the directory the user chose for extraction, which an attacker can turn into arbitrary code execution with the privileges of the user who opened the archive. User interaction is required: the victim must open a malicious archive or visit a malicious page that delivers one. The flaw was reported by the researcher whs3-detonator through Trend Micro's Zero Day Initiative (ZDI) and was fixed in WinRAR 7.12.

The ZDI advisory for this vulnerability reads: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file." The specific flaw exists within the handling of file paths stored in archive entries: a crafted path causes the extraction process to traverse to directories outside the intended output folder, so the attacker controls where the dropped file lands.
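The bug class behind CVE-2025-6218 is an extractor that trusts the path stored in an archive entry. The check below is an added example (my own code, not WinRAR's, the advisory's, or any vendor's) showing what a confined extraction routine must reject before writing an entry to disk. It deliberately uses Windows path semantics via Python's `ntpath` module because the affected extractor runs on Windows, but it executes on any OS. The entry names and the `C:\out` destination are constructed for illustration, not taken from a real sample; the `check_entry` and `triage_entries` names are mine.

```python
"""Confinement check for archive entry paths (Windows semantics).

Added example for the directory-traversal bug class, not code from WinRAR
or the advisory. All entry names below are constructed for illustration.
"""
import ntpath
from dataclasses import dataclass


@dataclass(frozen=True)
class EntryVerdict:
    name: str        # entry name exactly as stored in the archive
    safe: bool       # True only if writing it stays inside the destination
    reason: str      # why it was accepted or rejected
    resolved: str    # final on-disk path when accepted, "" otherwise


def check_entry(name: str, dest_dir: str) -> EntryVerdict:
    """Decide whether an archive entry may be written under dest_dir.

    Every rejection below corresponds to a way a crafted entry name can
    steer the extractor outside the user-chosen output directory.
    """
    if not name or not name.strip():
        return EntryVerdict(name, False, "empty entry name", "")
    if "\x00" in name:
        return EntryVerdict(name, False, "NUL byte in entry name", "")

    # Drive letters ("C:x", "C:\x") and UNC / \\?\ prefixes are absolute
    # on Windows regardless of what follows them.
    drive, rest = ntpath.splitdrive(name)
    if drive:
        return EntryVerdict(name, False, f"drive or UNC prefix {drive!r}", "")
    if rest[:1] in ("\\", "/"):
        return EntryVerdict(name, False, "rooted (absolute) path", "")
    # A colon outside a drive spec names an NTFS alternate data stream.
    if ":" in rest:
        return EntryVerdict(name, False, "colon in name (alternate data stream)", "")

    # Collapse "." / ".." and unify separators; a leading ".." that survives
    # normalisation means the entry climbs above the destination.
    norm = ntpath.normpath(rest)
    if norm in (".", "") or norm.split("\\")[0] == "..":
        return EntryVerdict(name, False, "escapes or equals the extraction dir", "")

    # Belt and braces: the fully resolved target must lie strictly below dest.
    dest = ntpath.normpath(dest_dir)
    full = ntpath.normpath(ntpath.join(dest, norm))
    if full == dest or ntpath.commonpath([dest, full]) != dest:
        return EntryVerdict(name, False, "resolved outside extraction dir", "")
    return EntryVerdict(name, True, "ok", full)


def triage_entries(names: list[str], dest_dir: str) -> list[EntryVerdict]:
    """Run check_entry over a whole archive listing."""
    return [check_entry(n, dest_dir) for n in names]


# Constructed archive listing: three benign entries and four that a naive
# extractor would write somewhere the user never chose.
SAMPLE_ENTRIES = [
    "report.pdf",
    "images/logo.png",
    "docs\\..\\notes.txt",                       # stays inside after normalisation
    "..\\..\\..\\Users\\victim\\AppData\\Roaming\\Microsoft\\Windows"
    "\\Start Menu\\Programs\\Startup\\update.lnk",   # classic persistence target
    "C:\\Windows\\System32\\drivers\\etc\\hosts",  # absolute path
    "\\\\attacker\\share\\payload.dll",          # UNC path
    "legit.txt:hidden",                         # alternate data stream
]
DEST = "C:\\out"  # assumed destination chosen by the user

if __name__ == "__main__":
    for v in triage_entries(SAMPLE_ENTRIES, DEST):
        print(f"{'ALLOW' if v.safe else 'BLOCK':5} {v.reason:45} {v.name}")
```

The check works on the entry name alone, before any bytes touch the disk; it does not replace patching, since an extractor may also mishandle symlinks, reparse points or 8.3 short names that a pure string check cannot see.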

**Windows Cloud Files Mini Filter Driver Use-After-Free Vulnerability**

The second vulnerability added to the catalog is CVE-2025-62221, a use-after-free in the Windows Cloud Files Mini Filter Driver (cldflt.sys) that lets a local, already authenticated attacker elevate privileges. Microsoft fixed it in the December 2025 Patch Tuesday updates. According to the advisory, "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges." In practice this is the kind of bug chained after an initial foothold, for example a file dropped by a malicious archive, to take full control of the host.

**Impact and Recommendations**

CISA also urges private organizations to review the KEV catalog and remediate these vulnerabilities in their own infrastructure. For these two entries that means updating WinRAR to 7.12 or later (WinRAR has no automatic update mechanism, so each installation must be upgraded by hand) and deploying the December 2025 Windows security updates that fix CVE-2025-62221.

Because a KEV listing reflects confirmed exploitation rather than theoretical risk, these entries deserve priority over routine patching, with the federal deadline of December 30, 2025 serving as a reasonable target for non-federal organizations as well.

**Stay Informed**

Follow me on Twitter: @securityaffairs and Facebook and Mastodon for the latest news and updates on cybersecurity and hacking.