U.S. CISA adds Samsung MagicINFO 9 Server flaw to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Samsung MagicINFO 9 Server to its Known Exploited Vulnerabilities (KEV) catalog. A KEV listing means CISA has evidence the flaw is being exploited in the wild: it puts federal agencies on a remediation deadline and signals to every other organization running the product that the patch should be prioritized.
The vulnerability, tracked as CVE-2025-4632, is a path traversal flaw with a CVSS score of 9.8 (critical). Under CVSS v3 a 9.8 corresponds to a network-reachable weakness that needs no privileges or user interaction and yields full compromise of the affected host. The flaw affects Samsung MagicINFO 9 Server versions before 21.1052; upgrading to 21.1052 or later is the fix.
"Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server allows attackers to write arbitrary file as system authority," reads the advisory from CISA. An arbitrary file write performed with system-level privileges is typically a short step from code execution, since the attacker can drop content into a location the server or the operating system will later execute.
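The weakness class named in the advisory (CWE-22, improper limitation of a pathname to a restricted directory) is easy to see in a file-upload handler. The example below is added here to illustrate that class; it is not MagicINFO's code and makes no claim about how the MagicINFO flaw is reached. The upload root, the handler names and the sample filenames are all constructed for the demonstration. It contrasts the vulnerable pattern (joining a client-supplied name onto a directory) with the hardened one (rejecting absolute and `..` names, canonicalising, and requiring that the result stay inside the root).

```python
import os
import tempfile
from pathlib import Path

# Constructed request filenames: one benign, three traversal attempts.
SAMPLE_FILENAMES = [
    "logo.png",
    "../../etc/cron.d/backdoor",
    "/tmp/absolute.txt",
    "sub/../../outside.txt",
]


def vulnerable_target(upload_root: str, filename: str) -> str:
    """Vulnerable pattern: trust the client-supplied name and join it directly.

    os.path.join drops upload_root entirely when filename is absolute, and
    '..' components walk out of it, so a handler that opens this path for
    writing writes wherever the client asks, with the service's privileges.
    """
    return os.path.join(upload_root, filename)


def hardened_target(upload_root: str, filename: str) -> Path:
    """Hardened pattern: reject suspicious names, canonicalise, require containment.

    Raises ValueError for anything that does not resolve strictly inside
    upload_root.  resolve() follows symlinks, so a link planted inside the
    root that points outside it is caught by the containment check as well.
    """
    if not filename or os.path.isabs(filename) or ".." in Path(filename).parts:
        raise ValueError(f"rejected filename: {filename!r}")
    root = Path(upload_root).resolve()
    candidate = (root / filename).resolve()
    if root not in candidate.parents:
        raise ValueError(f"path escapes upload root: {filename!r}")
    return candidate


def escapes_root(upload_root: str, filename: str) -> bool:
    """True if the vulnerable join would land outside upload_root (nothing is written)."""
    root = os.path.realpath(upload_root)
    target = os.path.realpath(vulnerable_target(upload_root, filename))
    return not target.startswith(root + os.sep)


def hardened_accepts(upload_root: str, filename: str) -> bool:
    """True if the hardened handler would accept filename for writing."""
    try:
        hardened_target(upload_root, filename)
        return True
    except ValueError:
        return False


def demo() -> dict:
    """Evaluate both patterns over the sample names against a scratch upload root.

    Returns {filename: (vulnerable_join_escapes_root, hardened_accepts)}.
    """
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "uploads")
        os.makedirs(root)
        for name in SAMPLE_FILENAMES:
            results[name] = (escapes_root(root, name), hardened_accepts(root, name))
    return results


if __name__ == "__main__":
    for name, (escapes, accepted) in demo().items():
        print(f"{name!r:30} vulnerable join escapes root: {str(escapes):5}  hardened accepts: {accepted}")
```

The containment check is done on the resolved path rather than by string inspection alone, because a bare `..` filter misses symlinks and encoded variants; the early rejection of `..` and absolute names is defence in depth, not the primary control.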
Under Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, federal civilian agencies must remediate catalogued vulnerabilities by the due date CISA assigns to each entry. Private organizations are not bound by the directive, but the catalog is a useful prioritization signal and they are advised to review it and patch listed flaws in their own infrastructure.
CISA has set a June 12, 2025 deadline for federal agencies to remediate CVE-2025-4632.
In recent weeks the agency has also added flaws in Ivanti EPMM, MDaemon Email Server, Srimax Output Messenger, Zimbra Collaboration, and ZKTeco BioTime to the catalog.
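CISA publishes the catalog as a JSON feed, so the review recommended above can be automated: match catalog entries against an asset inventory and flag those whose due date is close or past. The script below is an added example, not CISA tooling. Its field names (`vulnerabilities`, `cveID`, `vendorProject`, `product`, `vulnerabilityName`, `dueDate`) follow the published feed; the catalog excerpt, the inventory and the reference dates are constructed for the demonstration, except that the MagicINFO entry mirrors the details reported in this article. The second catalog entry uses a placeholder identifier and is not a real CVE.

```python
import json
from datetime import date

# Constructed excerpt in the shape of CISA's KEV JSON feed.  The MagicINFO
# entry mirrors the article; the second entry is a placeholder, not a real CVE.
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "constructed-example",
    "count": 2,
    "vulnerabilities": [
        {
            "cveID": "CVE-2025-4632",
            "vendorProject": "Samsung",
            "product": "MagicINFO 9 Server",
            "vulnerabilityName": "Samsung MagicINFO 9 Server Path Traversal Vulnerability",
            "dueDate": "2025-06-12",
        },
        {
            "cveID": "CVE-0000-00000",  # placeholder identifier, constructed
            "vendorProject": "ExampleVendor",
            "product": "Example Gateway",
            "vulnerabilityName": "Example Gateway Placeholder Vulnerability",
            "dueDate": "2025-07-01",
        },
    ],
})

# Constructed asset inventory: (vendor, product) pairs the organisation runs.
SAMPLE_INVENTORY = [
    ("Samsung", "MagicINFO 9 Server"),
    ("Zimbra", "Collaboration"),
]


def load_kev(text: str) -> list:
    """Parse the feed text and return the list of vulnerability entries."""
    return json.loads(text)["vulnerabilities"]


def matches_inventory(entry: dict, inventory: list) -> bool:
    """Case-insensitive vendor match plus product substring match."""
    vendor = entry["vendorProject"].lower()
    product = entry["product"].lower()
    return any(v.lower() == vendor and p.lower() in product for v, p in inventory)


def triage(kev_text: str, inventory: list, today: date, horizon_days: int = 14) -> list:
    """Return catalogued flaws affecting the inventory, soonest due date first.

    status is 'overdue' when the BOD 22-01 due date has passed, 'due soon'
    when it falls within horizon_days, and 'scheduled' otherwise.
    """
    report = []
    for entry in load_kev(kev_text):
        if not matches_inventory(entry, inventory):
            continue
        days_left = (date.fromisoformat(entry["dueDate"]) - today).days
        if days_left < 0:
            status = "overdue"
        elif days_left <= horizon_days:
            status = "due soon"
        else:
            status = "scheduled"
        report.append({
            "cveID": entry["cveID"],
            "product": f'{entry["vendorProject"]} {entry["product"]}',
            "dueDate": entry["dueDate"],
            "daysLeft": days_left,
            "status": status,
        })
    return sorted(report, key=lambda r: r["daysLeft"])


if __name__ == "__main__":
    # Replace SAMPLE_KEV_JSON with the contents of the downloaded feed to run for real.
    for row in triage(SAMPLE_KEV_JSON, SAMPLE_INVENTORY, date.today()):
        print(f'{row["cveID"]:16} {row["product"]:28} due {row["dueDate"]} ({row["status"]}, {row["daysLeft"]:+d} days)')
```

The inventory match is deliberately loose (vendor equality, product substring) because KEV product names are free text and rarely line up exactly with asset-management records; tighten it once you know how your inventory names products.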
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Key Dates:
- June 12, 2025: BOD 22-01 deadline for federal agencies to remediate CVE-2025-4632