CISA added three actively exploited vulnerabilities affecting Cisco, Google Chrome and Arista products to its KEV catalog.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three newly disclosed vulnerabilities affecting Cisco, Google Chrome and Arista products to its Known Exploited Vulnerabilities (KEV) catalog after reports confirmed the flaws are being actively exploited in the wild.
The addition requires U.S. federal civilian agencies to remediate the vulnerabilities by June 23, 2026, under Binding Operational Directive 22-01.
One of the flaws, tracked as CVE-2026-20245, affects Cisco Catalyst SD-WAN Manager. The vulnerability stems from improper encoding or escaping of output and carries a CVSS score of 7.8.
According to CISA, an authenticated local attacker could exploit the flaw by supplying a specially crafted file, potentially allowing arbitrary commands to be executed with root privileges on affected systems.
CISA also added CVE-2026-11645, a high-severity vulnerability in the V8 JavaScript engine of Google’s Chrome browser.
The flaw is an out-of-bounds read and write issue with a CVSS score of 8.8. A remote attacker could exploit the vulnerability through a specially crafted HTML page, potentially leading to arbitrary code execution within Chrome’s sandbox environment.
The third vulnerability, CVE-2026-7473, affects Arista’s Extensible Operating System (EOS). The flaw is described as an "incomplete comparison with missing factors" weakness and has also been added to the KEV catalog following evidence of active exploitation.
While technical details regarding ongoing attacks have not been publicly disclosed, CISA’s inclusion of the vulnerability in the KEV catalog indicates that threat actors are actively leveraging the flaw in real-world environments.
The KEV catalog serves as a list of vulnerabilities that have been confirmed as exploited in active attacks. Although remediation deadlines apply specifically to U.S. federal agencies, CISA strongly encourages private-sector organizations to review the affected products and apply available security updates as soon as possible.
The latest additions highlight the continued focus by threat actors on networking infrastructure and widely used software platforms, increasing the importance of timely patch management and vulnerability remediation.