U.S. CISA Adds D-Link Cameras and Network Video Recorder Flaws to its Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken another step to enhance the nation's cybersecurity by adding several high-priority vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The latest additions include D-Link cameras and Network Video Recorder flaws, which pose significant risks to federal agencies and private organizations alike.

According to a recent update on CISA's KEV catalog, the agency has identified several critical vulnerabilities in various products and systems that have already been exploited by malicious actors. These flaws were added to the catalog as part of Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities.

Under this directive, federal agencies are required to address the identified vulnerabilities by a specific deadline to protect their networks against attacks that exploit these flaws. CISA has mandated that all federal agencies fix these vulnerabilities by August 26, 2025.

Experts are warning private organizations to take heed of this development and review the KEV catalog to identify potential vulnerabilities in their own infrastructure. By addressing these weaknesses proactively, organizations can significantly reduce the risk of a successful cyberattack.

It's worth noting that CISA's efforts to highlight critical vulnerabilities and provide guidance on remediation are crucial in promoting a culture of cybersecurity awareness and compliance among federal agencies and private sector organizations alike. As the threat landscape continues to evolve, it's essential for all stakeholders to stay vigilant and take proactive steps to protect their networks and systems.

Stay informed about the latest developments in cybersecurity by following me on Twitter: @securityaffairs, Facebook, and Mastodon.