Vumetric is now part of the TELUS family! Learn more →

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency has added a recently patched security flaw in Microsoft’s.

NET and Visual Studio products to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation.

It was addressed by Microsoft as part of its August 2023 Patch Tuesday updates shipped earlier this week, tagging it with an “Exploitation More Likely” assessment.

While exact details surrounding the nature of exploitation are unclear, the Windows maker has acknowledged the existence of a proof-of-concept in its advisory.

It also said that attacks leveraging the flaw can be pulled off without any additional privileges or user interaction.

To mitigate potential risks, CISA has recommended Federal Civilian Executive Branch agencies to apply vendor-provided fixes for the vulnerability by August 30, 2023.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

Recent News

Featured Services

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:


Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g:,, etc.)


Penetration Testing Buyer's Guide

Everything You Need to Know

Gain full confidence in your future cybersecurity assessments by learning to plan, scope and execute projects.
This site is registered on as a development site. Switch to a production site key to remove this banner.