
CISA adds Hikvision and Rockwell Automation flaws to KEV catalog

Public Sector Action
Happening score
H score 38
1 unique source, 1 article

Summary


CISA added CVE-2017-7921 and CVE-2021-22681 to the Known Exploited Vulnerabilities (KEV) catalog, highlighting active exploitation and pushing FCEB agencies to prioritize remediation by March 26, 2026.

Related Happenings

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

CISA April 7 Rockwell Automation/Allen-Bradley PLC mitigation advisory

Advisory/Mitigation
First: 08.04.2026 11:15 Last: 08.04.2026 11:15 Sources 1

About this happening: **CISA** and authoring agencies issued **April 7** mitigation guidance for **internet-facing OT assets**, warning that **US critical infrastructure** operators using **Rockwell Au...

CISA BOD 22-01 order for FCEB iOS patching

Public Sector Action
First: 23.03.2026 10:37 Last: 23.03.2026 10:37 Sources 1

About this happening: **CISA** ordered **FCEB agencies** to secure devices against **DarkSword-linked iOS flaws**, tightening federal exposure to attacks that enabled **sandbox escape** and **remote co...

CISA KEV remediation order for five exploited Apple, Craft CMS, and Laravel Livewire flaws

Advisory/Mitigation
First: 21.03.2026 10:25 Last: 21.03.2026 10:25 Sources 1

About this happening: **CISA** added **five exploited flaws** affecting **Apple**, **Craft CMS**, and **Laravel Livewire** to the **KEV catalog**, creating an urgent remediation requirement for federal...

CISA KEV listing for Wing FTP CVE-2025-47813

Public Sector Action
First: 17.03.2026 07:23 Last: 17.03.2026 07:23 Sources 1

About this happening: CISA added **CVE-2025-47813** in **Wing FTP Server** to the **KEV catalog** after evidence of **active exploitation**, putting the flaw under formal government tracking. The listi...

Timeline

  1. 06.03.2026 08:30 2 articles · 2mo ago

    CISA adds Hikvision and Rockwell flaws to KEV catalog

    Initial Disclosure

    CISA added CVE-2017-7921, an improper authentication flaw affecting multiple Hikvision products, and CVE-2021-22681, an insufficiently protected credentials flaw affecting Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, and Logix Controllers, to its Known Exploited Vulnerabilities (KEV) catalog after citing active exploitation. The addition followed SANS Internet Storm Center detection of exploit attempts against Hikvision cameras susceptible to CVE-2017-7921, while no public report described attacks involving CVE-2021-22681.

  2. 06.03.2026 08:30 1 article · 2mo ago

    FCEB remediation deadline set for March 26, 2026

    Legal Policy Action Update

    Federal Civilian Executive Branch (FCEB) agencies are advised to update to the latest supported software versions of the affected Hikvision and Rockwell Automation products by March 26, 2026, under Binding Operational Directive (BOD) 22-01. CISA also urges other organizations to prioritize timely remediation of KEV catalog vulnerabilities as part of their vulnerability management practice.
