CISA Adds Critical NAKIVO Vulnerability to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw affecting NAKIVO Backup & Replication software to its catalog of known exploited vulnerabilities (KEV), citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to compromise the system. This flaw enables active exploitation, making it a serious threat to users of NAKIVO software.