Fact-check: The article is sourced directly from CISA, a reliable government agency, and the claims about the vulnerability and remediation align with verified CISA practices and directives. No contradictions were found in current reporting or on X, confirming the information's accuracy. This fits within the 'Critical Infrastructure' situation context, adding to its trustworthiness.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added CVE-2024-37079, a Broadcom VMware vCenter Server out-of-bounds write vulnerability, to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. The vulnerability poses significant risks to federal networks, and FCEB agencies are required to remediate it by a specified due date under Binding Operational Directive 22-01. CISA urges all organizations to prioritize timely remediation as part of their vulnerability management practices.