- CISA adds the Craft CMS flaw to its KEV catalog
- The flaw was found in Craft CMS versions 4 and 5
- It allows remote code execution
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw in Craft CMS versions 4 and 5 to its well-known Known Exploited Vulnerabilities (KEV) catalog, raising the alarm about abuse in the wild.
The vulnerability is a remote code execution (RCE) flaw tracked as CVE-2025-23209, but not many details are known about it, other than that exploiting it is in fact not straightforward.
To abuse the flaw, a threat actor must first have the installation's security key, a cryptographic key that protects things like user authentication tokens, session cookies, database values and more.
Decrypting confidential data
Threat actors in possession of this key can decrypt confidential data, forge authentication tokens or execute malicious code remotely.
Being added to KEV means that CISA has evidence that someone is abusing the flaw in real-life attacks. However, the agency did not detail the attacks, so we do not know who the threat actors are or who the victims are. The deadline to patch Craft CMS is March 13, 2025. Administrators should move to versions 5.5.8 and 4.13.8.
Administrators who suspect a compromise should remove the old keys contained in the ‘.env’ files and generate new ones with the ‘php craft setup/security-key’ command. They should also take care not to destroy previously encrypted data, since the new key cannot give access to it.
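The patch deadline and fixed versions above translate into a simple check an administrator can run against an installation's composer.lock. The script below is an added example, not code from the article or from Craft CMS: it assumes the package is recorded as craftcms/cms in a Composer lock file, uses a constructed lock fragment as input, and treats 4.13.8 and 5.5.8 (the versions named above) as the first fixed releases on the 4.x and 5.x branches.

```python
import json
import re

# Fixed releases named in the advisory text: 4.13.8 for the 4.x branch, 5.5.8 for 5.x.
# Assumption: only the 4 and 5 branches are in scope, as the article states.
PATCHED = {4: (4, 13, 8), 5: (5, 5, 8)}

# Constructed sample of a composer.lock fragment (not taken from a real install).
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "craftcms/cms", "version": "5.5.7"},
        {"name": "yiisoft/yii2", "version": "2.0.49"},
    ]
})


def parse_version(v):
    """Turn '5.5.7' or 'v5.5.7' into a comparable tuple of ints."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", v)
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(x) for x in m.groups())


def installed_craft_version(lock_json):
    """Return the craftcms/cms version recorded in a composer.lock document, or None."""
    for pkg in json.loads(lock_json).get("packages", []):
        if pkg.get("name") == "craftcms/cms":
            return parse_version(pkg["version"])
    return None


def needs_patch(version):
    """True if the version is on an affected branch and older than its fixed release."""
    if version is None:
        return False
    fixed = PATCHED.get(version[0])
    if fixed is None:
        return False  # not a 4.x or 5.x branch: outside this advisory's scope
    return version < fixed  # tuple comparison: (5, 5, 7) < (5, 5, 8)


def assess(lock_json):
    """Return (version tuple, verdict string) for a composer.lock document."""
    ver = installed_craft_version(lock_json)
    verdict = "patch required" if needs_patch(ver) else "not affected / already patched"
    return ver, verdict


if __name__ == "__main__":
    ver, verdict = assess(SAMPLE_LOCK)
    print(f"craftcms/cms {'.'.join(map(str, ver))}: {verdict}")
    # After upgrading, rotate the key as the article describes (run from the project root):
    #   php craft setup/security-key
    # Back up anything encrypted under the old key first; the new key cannot decrypt it.
```

Run it from the project root with the real lock file read into `assess()`; a "patch required" verdict means the upgrade comes first, and the key rotation only after a backup of data encrypted under the old key.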
Craft CMS is a content management system aimed at developers and content creators. The company markets it as a customizable and intuitive platform with powerful templating, a clean control panel and robust content modeling.
There are many ways in which cybercriminals can abuse flawed content management systems. For example, they can redirect visitors to a malicious phishing page, stealing their confidential data in the process. They can serve malicious ads or, in more extreme cases, drop malware onto visitors' computers.