Connect with us

Hi, what are you looking for?

Cyber Security

CISA adds 17 vulnerabilities to list of bugs exploited in attacks

This week, the Cybersecurity and Infrastructure Security Agency (CISA) added seventeen actively exploited vulnerabilities to the ‘Known Exploited Vulnerabilities Catalog.

The ‘Known Exploited Vulnerabilities Catalog’ is a list of vulnerabilities that have been seen abused by threat actors in attacks and that are required to be patched by Federal Civilian Executive Branch (FCEB) agencies.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise,” explains CISA.

“BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.”

The vulnerabilities listed in the catalog allow threat actors to perform a variety of attacks, including stealing credentials, gaining access to networks, remotely executing commands, downloading and executing malware, or stealing information from devices.

With the addition of these 17 vulnerabilities, the catalog now contains a total of 341 vulnerabilities and includes the date by which agencies must apply security updates to resolve the bug.

The seventeen new vulnerabilities added this week are listed below, with CISA requiring 10 of them to be patched within the first week of February.

CVE NumberCVE TitleRequired Action Due Date
CVE-2021-32648October CMS Improper Authentication2/1/2022
CVE-2021-21315System Information Library for node.js Command Injection Vulnerability2/1/2022
CVE-2021-21975Server Side Request Forgery in vRealize Operations Manager API Vulnerability2/1/2022
CVE-2021-22991BIG-IP Traffic Microkernel Buffer Overflow Vulnerability2/1/2022
CVE-2021-25296Nagios XI OS Command Injection Vulnerability2/1/2022
CVE-2021-25297Nagios XI OS Command Injection Vulnerability2/1/2022
CVE-2021-25298Nagios XI OS Command Injection Vulnerability2/1/2022
CVE-2021-33766Microsoft Exchange Server Information Disclosure Vulnerability2/1/2022
CVE-2021-40870Aviatrix Controller Unrestricted Upload of File Vulnerability2/1/2022
CVE-2021-35247SolarWinds Serv-U Improper Input Validation Vulnerability02/04/2022
CVE-2020-11978Apache Airflow Command Injection Vulnerability7/18/2022
CVE-2020-13671Drupal Core Unrestricted Upload of File Vulnerability7/18/2022
CVE-2020-13927Apache Airflow Experimental API Authentication Bypass Vulnerability7/18/2022
CVE-2020-14864Oracle Corporate Business Intelligence Enterprise Edition Path Traversal Vulnerability7/18/2022
CVE-2006-1547Apache Struts 1 ActionForm Denial of Service Vulnerability07/21/2022
CVE-2012-0391Apache Struts 2 Improper Input Validation Vulnerability07/21/2022
CVE-2018-8453Microsoft Windows Win32k Privilege Escalation Vulnerability07/21/2022

Of particular interest are the CVE-2021-32648 and CVE-2021-35247 vulnerabilities, which were disclosed this week to be actively exploited in attacks.

The ‘October CMS Improper Authentication’ vulnerability tracked as CVE-2021-32648 must be patched by February 1st, 2022, due to its recent use to hack and deface Ukrainian government websites.

While Ukraine blames these attacks on Russia, some security experts attribute the attacks to a Belarus-tied hacking group known as Ghostwriter.

The new ‘SolarWinds Serv-U Improper Input Validation’ vulnerability tracked as CVE-2021-35247 was discovered by Microsoft to be exploited to propagate Log4j attacks to Windows domain controllers configured as LDAP servers.

While attacks using the Serv-U vulnerability ultimately failed, as Windows domain controllers are not vulnerable to Log4j exploits, CISA requires agencies to fix the vulnerability by February 4th, 2022.

It is strongly recommended that all security professionals and admins review the Known Exploited Vulnerabilities Catalog and patch any within their environment.

Source: https://www.bleepingcomputer.com/news/security/cisa-adds-17-vulnerabilities-to-list-of-bugs-exploited-in-attacks/

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

Bureaucracy and dispersed authorities hinder the Cybersecurity and Infrastructure Security Agency’s ability to carry out its mission as network cyber lead, according to an...

Cyber Security

Agency resources are intended to address the longstanding challenges health systems and hospitals have faced from increasingly advanced cyberattacks. The Cybersecurity and Infrastructure Security...

Cyber Security

The nation’s cyber defense agency wants to play a key role in hardening the broader open source software security ecosystem. The Cybersecurity and Infrastructure...

Cyber Security

State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a joint advisory published by CISA, the...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO