Cisco: CVE-2008-4128 Added to CISA KEV Under Active Exploitation
Cisco Systems, Inc. has seen one of its vulnerabilities, CVE-2008-4128, added to CISA's Known Exploited Vulnerabilities catalog, confirming its active exploitation in the wild.

Key findings
- CVE-2008-4128, a Cisco vulnerability, is now confirmed actively exploited in the wild.
- CISA added this flaw to its Known Exploited Vulnerabilities catalog on July 13, 2026.
- Federal agencies must remediate CVE-2008-4128 by January 13, 2027.
- Active exploitation necessitates immediate patching and security updates for all affected systems.
CISA has added CVE-2008-4128, a vulnerability affecting Cisco Systems, Inc. products, to its Known Exploited Vulnerabilities (KEV) catalog. This addition on July 13, 2026, signifies that the flaw is no longer theoretical but has been confirmed to be actively exploited by threat actors in real-world attacks. The inclusion in the KEV catalog serves as a critical alert for all organizations, particularly federal agencies, to prioritize its immediate remediation.
CVE-2008-4128, identified simply by its identifier, represents a significant security risk. While specific details of its exploitation are not publicly disclosed in the KEV entry, its presence in the catalog underscores that adversaries are successfully leveraging this vulnerability to compromise systems. The age of the CVE, dating back to 2008, highlights that even older flaws can remain potent threats if not adequately addressed over time.
The KEV catalog is a definitive list of vulnerabilities that carry significant risk due to their active exploitation. CISA mandates that federal civilian executive branch agencies remediate vulnerabilities on this list within specific deadlines to protect against ongoing threats. For CVE-2008-4128, the remediation due date is set for January 13, 2027, providing a six-month window for compliance.
All organizations, not just federal agencies, are strongly advised to review their environments for any instances of affected Cisco products and apply the necessary patches or mitigations without delay. Proactive vulnerability management, including regular scanning and patching cycles, is essential to prevent exploitation. Prioritizing KEV-listed vulnerabilities is a fundamental step in strengthening an organization's overall cybersecurity posture against known and active threats.