The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2008-4128, a cross-site request forgery flaw in Cisco IOS, to its Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies are required to prioritize rapid remediation of this and other high-risk vulnerabilities that grant full system control to attackers.