The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a recently patched vulnerability in SolarWinds ServU file transfer software is now being actively exploited in attacks.