CISA Warns of Active Exploitation of ZK Java Framework Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-36537, a high-severity flaw impacting the ZK Framework, to its “Known Exploited Vulnerabilities (KEV)” catalog based on evidence of active exploitation. What is the situation? The vulnerability, cited as a remote code execution (RCE) flaw, impacts ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 and enables threat actors to ... Read More