Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has added five vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting major security risks including long-known exploits against Windows and Cisco systems. Among these, CVE-2018-8639 and CVE-2023-20118 were notably flagged for ongoing exploitation in the wild, though many of the added vulnerabilities had already been exploited for months or years prior. CISA’s slow response in updating its catalog raises concerns among cybersecurity firms about timely awareness and defense strategies against such threats.
Affected: CISA, Microsoft, Cisco, Hitachi Vantara, organizations using affected systems
Keypoints:
- CISA added five new vulnerabilities to its KEV catalog, including CVE-2018-8639 and CVE-2023-20118.
- CVE-2018-8639 is a Windows privilege escalation vulnerability that has been exploited by a China-linked APT group since early 2023.
- CVE-2023-20118 affects Cisco routers and has been actively exploited by a botnet, yet Cisco has not provided patches for end-of-life devices.
- Other vulnerabilities include two affecting Hitachi’s Pentaho BA Server that allow for authentication bypass and full host control.
- CISA’s delayed updates to the KEV list suggest a need for improved responsiveness to in-the-wild exploitation alerts.
Source: https://www.securityweek.com/exploitation-long-known-for-most-of-cisas-latest-kev-additions/