Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four new critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting the urgent need for organizations to prioritize patching. Federal agencies are mandated to apply the latest security patches by October 21, 2024, to mitigate active cyber threats.
Threat Actor: Cybercriminals | cybercriminals
Victim: Various organizations | various organizations
Key Point :
- CVE-2023-25280: Critical vulnerability in D-Link routers allowing complete control; public exploit details increase risk.
- CVE-2020-15415: Critical flaw in DrayTek Vigor routers enabling remote code execution; organizations should apply mitigations or retire devices.
- CVE-2021-4043: Vulnerability in Motion Spell GPAC allows local denial-of-service attacks; prompt mitigation is necessary.
- CVE-2019-0344: Critical vulnerability in SAP Commerce Cloud permits arbitrary code execution; applying vendor mitigations is crucial.
- Federal agencies must apply security patches by October 21, 2024, to protect critical infrastructure.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has once again raised the alarm, adding four new security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These additions underscore the urgent need for organizations, especially federal agencies, to prioritize patching and mitigation efforts to defend against active cyber threats.
The New Vulnerabilities in Focus
-
CVE-2023-25280 (CVSS 9.8): This critical vulnerability in certain D-Link routers opens the door for attackers to gain complete control (root access) through a specially crafted exploit. Alarmingly, the technical details and proof-of-concept code have been publicly released, increasing the risk of widespread attacks. CISA recommends discontinuing the use of affected products, as they are end-of-life and no longer supported.
-
CVE-2019-0344 (CVSS 9.8): This critical vulnerability in SAP Commerce Cloud allows for arbitrary code execution on affected systems. Attackers can leverage this flaw to gain unauthorized access and potentially compromise sensitive data. Applying vendor-provided mitigations is crucial for organizations relying on this software.
CVE-2020-15415 (CVSS 9.8): Another critical flaw, this time impacting DrayTek Vigor routers, enables remote code execution. Attackers can leverage shell metacharacters within filenames to gain unauthorized control. Organizations are advised to apply vendor-provided mitigations or, if unavailable, retire the affected devices.
CVE-2021-4043 (CVSS 5.5): This vulnerability in Motion Spell GPAC, while less severe, still poses a risk. Local attackers can trigger a denial-of-service (DoS) condition, disrupting operations. Prompt action is necessary to mitigate potential service interruptions.
Deadline for Federal Agencies
In response to the active exploitation of these vulnerabilities, CISA has issued a directive to federal agencies, mandating the application of the latest security patches by October 21, 2024. This deadline emphasizes the urgency of the situation and the need for swift action to protect critical infrastructure and sensitive information.
Related Posts:
Source: https://securityonline.info/cisa-adds-four-actively-exploited-vulnerabilities-to-kev-catalog