FlagThis

CISA has added a new Apache Tomcat vulnerability, identified as CVE-2025-24813, to its Known Exploited Vulnerabilities (KEV) catalog. This action follows evidence that the flaw is being actively exploited in the wild, posing a significant risk to organizations utilizing affected versions of Apache Tomcat. The vulnerability is a path equivalence issue within Apache Tomcat.

To mitigate the risk posed by CVE-2025-24813, impacted users are urged to upgrade their Apache Tomcat installations to the latest secure versions. Specifically, upgrades to Apache Tomcat 11.0.3 or later, Apache Tomcat 10.1.35 or later, or Apache Tomcat 9.0.99 or later are recommended. The advisory also includes IPS protection measures to detect and block potential attack attempts targeting this vulnerability affecting the Apache Tomcat web server.

ImgSrc: securityaffairs

References :

• securityaffairs.com: U.S. CISA adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog
• bishopfox.com: Tomcat CVE-2025-24813: What You Need to Know
• securityonline.info: CISA Flags Apache Tomcat CVE-2025-24813 as Actively Exploited with 9.8 CVSS
• fortiguard.fortinet.com: Apache Tomcat RCE
• FireCompass: Critical Apache Tomcat Vulnerability: CVE-2025-24813 Enables RCE – Are You Vulnerable?

Classification:

• HashTags: #Cybersecurity #ApacheTomcat #Vulnerability
• Company: CISA
• Target: Federal Civilian Executive Branch (FCEB) agencies
• Product: Apache Tomcat
• Feature: Path Equivalence Vulnerability
• Malware: CVE-2025-24813
• Type: Vulnerability
• Severity: Major