U.S. CISA adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog


U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities (KEV) catalog.

Below are the descriptions for these flaws:

  • CVE-2013-3893 – Microsoft Internet Explorer Resource Management Errors Vulnerability
  • CVE-2007-0671 – Microsoft Office Excel Remote Code Execution Vulnerability
  • CVE-2025-8088 – RARLAB WinRAR Path Traversal Vulnerability
  • CVE-2013-3893 – The flaw is a use-after-free issue in the SetMouseCapture implementation in mshtml.dll in Internet Explorer 6 through 11. It lets remote attackers execute arbitrary code via crafted JavaScript strings, as demonstrated by an ms-help: URL that triggers the loading of hxds.dll. In September 2013, security experts at FireEye uncovered Operation DeputyDog, a campaign against Japanese entities that exploited CVE-2013-3893 as a zero-day.
  • CVE-2007-0671 – The flaw is an unspecified issue in Microsoft Excel 2000, XP, 2003, and 2004 for Mac that could let remote, user-assisted attackers execute arbitrary code. It was exploited in targeted zero-day attacks.
  • CVE-2025-8088 – The WinRAR flaw CVE-2025-8088 is a path traversal vulnerability affecting the Windows version of WinRAR, fixed in version 7.13. It was exploited as a zero-day in phishing attacks to deliver RomCom malware, as Bleeping Computer first reported. Researchers Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET disclosed the flaw. By crafting malicious archives, attackers can cause extracted files to land outside the chosen extraction directory; in particular, an archive can place an executable in a Windows Startup folder, so it runs at the next login and gives the attacker code execution on the victim's machine. ESET researchers told Bleeping Computer that threat actors actively exploited the vulnerability in spear-phishing attacks to deliver RomCom backdoors.
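The extraction-side mistake behind an archive path-traversal bug, shown as an added illustration rather than code from this page, from ESET, or from RARLAB, and not a reproduction of the WinRAR bug itself: an extractor that trusts member names and simply joins them onto the destination directory will write wherever the archive author chose. The sample uses ZIP (Python's standard library ships a ZIP writer and reader; RAR does not), a constructed in-memory archive with one `../../` member, and a hypothetical `is_contained` check that the hardened extractor applies before writing anything. All file and directory names below are constructed for the example.

```python
import io
import os
import tempfile
import zipfile

# Constructed sample: the second member name tries to climb out of the
# extraction directory, which is the shape of a path-traversal archive.
TRAVERSAL_NAME = "../../escaped/autorun.txt"


def build_sample_archive() -> bytes:
    """Build the constructed test archive in memory (not a real-world sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "harmless")
        zf.writestr(TRAVERSAL_NAME, "should never land outside dest")
    return buf.getvalue()


def unsafe_extract(archive: bytes, dest: str) -> list:
    """Vulnerable pattern: join the member name onto dest and write, no check."""
    written = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            target = os.path.join(dest, info.filename)  # attacker controls filename
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.realpath(target))
    return written


def is_contained(dest: str, member_name: str) -> bool:
    """Return True only if member_name resolves to a location strictly inside dest.

    Hypothetical helper written for this example. Windows-style separators and
    ':' (drive letters, and on NTFS alternate data streams) are rejected up front
    because a POSIX host would treat them as ordinary characters, while the
    archive is aimed at a Windows extractor.
    """
    if "\\" in member_name or ":" in member_name:
        return False
    if member_name.startswith("/"):
        return False
    dest_real = os.path.realpath(dest)
    target = os.path.realpath(os.path.join(dest_real, member_name))
    # Normalizing collapses '..' segments; the containment test is then exact.
    return os.path.commonpath([dest_real, target]) == dest_real and target != dest_real


def safe_extract(archive: bytes, dest: str) -> list:
    """Hardened pattern: validate every member name before writing anything."""
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            if not is_contained(dest, info.filename):
                raise ValueError(f"refusing traversal entry: {info.filename!r}")
        written = []
        for info in zf.infolist():
            target = os.path.join(os.path.realpath(dest), info.filename)
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.realpath(target))
    return written


def demo() -> dict:
    """Run both extractors on the constructed archive inside a throwaway tree."""
    archive = build_sample_archive()
    with tempfile.TemporaryDirectory() as root:
        # Nest dest so the '../../' escape still lands inside the temp tree.
        dest = os.path.join(root, "a", "b", "dest")
        dest_real = os.path.realpath(dest)
        paths = unsafe_extract(archive, dest)
        unsafe_escaped = any(
            os.path.commonpath([dest_real, p]) != dest_real for p in paths
        )
        try:
            safe_extract(archive, os.path.join(root, "safe_dest"))
            safe_rejected = False
        except ValueError:
            safe_rejected = True
    return {"unsafe_escaped": unsafe_escaped, "safe_rejected": safe_rejected}


if __name__ == "__main__":
    print(demo())
```

The check is done on the whole archive before the first write, so a rejected archive leaves nothing behind; validating member-by-member while extracting would still let the harmless entries land before the traversal entry is noticed.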

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix the vulnerabilities by September 2, 2025.


Pierluigi Paganini
