ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·3/3/2022
CVE-2019-1652 added to CISA KEV: Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
Status: ✅ Confirmed exploited in the wild
Date added: 2022-03-03
Required action: Apply updates per vendor instructions.
Due date: 2022-03-17
Why this matters
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.