
CISA Adds 6 Known Exploited Vulnerabilities to Catalog

Rohan Timalsina

January 22, 2024 - TuxCare expert team

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning to organizations nationwide by adding six critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The flaws affect Apache Superset, Adobe ColdFusion, Apple products, D-Link routers, and Joomla!. Inclusion in the catalog signifies that malicious actors are actively exploiting these flaws in the wild, posing a significant threat to network security.

In this blog post, we explore the details of these vulnerabilities, the risks they pose, and the measures needed to mitigate them.

Six New Vulnerabilities in CISA Known Exploited Vulnerabilities Catalog

CVE-2023-27524 (CVSS Score: 8.9 High)

One of the highlighted vulnerabilities is CVE-2023-27524, a high-severity flaw in the Apache Superset open-source data visualization software. It poses a serious risk to systems running the software because it can enable remote code execution. The problem was first identified by Naveen Sunkavally of Horizon3.ai, who attributed it to a risky Apache Superset default setup. This configuration flaw allows unauthenticated attackers to gain remote code execution, harvest credentials, and compromise data. The issue was addressed in version 2.1.
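The defender-side response to a flaw rooted in a default setup is to verify that no deployment is still running with the shipped secret. The following is an added example written for this article, not Superset's or Horizon3.ai's code. It scans a superset_config.py as text for the SECRET_KEY setting and flags a missing key, a key that still equals the default literal from upstream superset/config.py, a key assigned from a non-literal expression (which must be checked at runtime), or a key shorter than a threshold chosen here. The configuration snippets used as input are constructed.

```python
"""Flag an Apache Superset configuration that still relies on the shipped
default Flask SECRET_KEY, the weak default at the heart of CVE-2023-27524.

Added example for this article; not Superset's or Horizon3.ai's code. The
config file is read as text rather than imported, so it can be checked
without loading Superset itself.
"""
import re

# Source-text form of the default SECRET_KEY literal in upstream
# superset/config.py. It is compared as raw text, so the escape sequences
# are matched verbatim rather than being interpreted.
KNOWN_DEFAULT_LITERALS = {
    r"\2\1thisismyscretkey\1\2\e\y\y\h",
}

# Threshold chosen for this example; Superset's guidance is a long random value.
MIN_KEY_LENGTH = 32

# Any assignment to SECRET_KEY at the start of a line.
_ANY_ASSIGNMENT = re.compile(r"^\s*SECRET_KEY\s*=", re.M)

# Assignment of a plain string literal: SECRET_KEY = 'value' or "value",
# with an optional trailing comment.
_LITERAL_ASSIGNMENT = re.compile(
    r"""^\s*SECRET_KEY\s*=\s*(['"])(.*?)\1\s*(#.*)?$""", re.M
)


def check_secret_key(config_text: str) -> list[str]:
    """Return a list of findings for the given config text (empty = nothing found)."""
    if not _ANY_ASSIGNMENT.search(config_text):
        return ["SECRET_KEY is not set; Superset falls back to the built-in default"]

    matches = _LITERAL_ASSIGNMENT.findall(config_text)
    if not matches:
        return ["SECRET_KEY is assigned from a non-literal expression; verify the effective value at runtime"]

    # In Python the last assignment wins, so that is the effective value.
    _quote, literal, _comment = matches[-1]
    findings = []
    if literal in KNOWN_DEFAULT_LITERALS:
        findings.append("SECRET_KEY is the upstream default value")
    if len(literal) < MIN_KEY_LENGTH:
        findings.append(f"SECRET_KEY is only {len(literal)} characters long")
    return findings


# Constructed sample configurations for demonstration.
WEAK_CONFIG = r"""
ROW_LIMIT = 5000
SECRET_KEY = '\2\1thisismyscretkey\1\2\e\y\y\h'
"""
MISSING_CONFIG = "ROW_LIMIT = 5000\n"
GOOD_CONFIG = 'SECRET_KEY = "7f3c0e2a9b6d4f1e8c5a2b7d9e0f1a3c4b6d8e0f2a4c6e8b0d2f4a6c8e0b2d4f"\n'


if __name__ == "__main__":
    import sys

    # Check a real file if a path is given, otherwise the constructed sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else WEAK_CONFIG
    for finding in check_secret_key(text) or ["no findings"]:
        print(finding)
```

Run it as `python check_superset_key.py /path/to/superset_config.py`; a non-literal assignment (for example one read from an environment variable) is reported rather than judged, because only the running process knows the value in that case.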

CVE-2023-38203 and CVE-2023-29300 (CVSS Score: 9.8 Critical)

CISA has also listed two known exploited vulnerabilities in Adobe ColdFusion: CVE-2023-38203 and CVE-2023-29300. Both carry a critical CVSS score of 9.8. They stem from the way untrusted data is deserialized, which opens the door to exploitation. Organizations relying on Adobe ColdFusion should promptly address these vulnerabilities to prevent unauthorized access and data compromise.

CVE-2023-41990 (CVSS Score: 7.8 High)

Apple users should be aware of CVE-2023-41990, a vulnerability affecting multiple Apple products. It was exploited by unidentified actors as part of the Operation Triangulation spyware attacks and was patched in iOS 15.7.8 and iOS 16.3. The attack vector was a specially crafted iMessage PDF attachment that allowed adversaries to achieve remote code execution. Timely updates are crucial for securing Apple devices against known exploited vulnerabilities.

CVE-2016-20017 (CVSS Score: 9.8 Critical)

D-Link DSL-2750B devices are affected by CVE-2016-20017, a command injection vulnerability that can allow attackers to execute arbitrary commands on affected devices. Organizations using D-Link DSL-2750B devices should prioritize applying fixes to prevent unauthorized access and potential compromise.

CVE-2023-23752 (CVSS Score: 5.3 Medium)

This improper access-control vulnerability in Joomla! could allow unauthorized access to web service endpoints, potentially leaking sensitive information. The affected versions are 4.0.0 through 4.2.7; organizations are advised to address the issue promptly by updating to the latest Joomla! version.

Conclusion

Federal Civilian Executive Branch (FCEB) agencies have been advised to apply fixes by January 29, 2024, to mitigate the risks associated with these known exploited vulnerabilities. Applying security patches on time is essential to protecting networks from active threats. As the digital ecosystem changes, maintaining a resilient cybersecurity posture requires being aware of potential vulnerabilities and taking proactive measures.
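Both the Joomla! paragraph above (an explicit affected-version range) and the January 29, 2024 remediation deadline in this conclusion are the kind of information that belongs in an automated check rather than a reading list. The following is an added example written for this article, not CISA's or TuxCare's tooling. It reads KEV catalog entries in the shape of CISA's known_exploited_vulnerabilities.json feed (fields cveID, vendorProject, product and dueDate), matches them against a software inventory, applies the version ranges this article states (Joomla! 4.0.0 to 4.2.7, Superset fixed in 2.1), and reports which findings are past the due date. The catalog excerpt, its vendor and product strings, and the inventory are all constructed; the real feed also carries fields such as dateAdded, shortDescription and requiredAction that are omitted here.

```python
"""Match a software inventory against KEV catalog entries and report what is
past CISA's remediation due date.

Added example for this article; not CISA's or TuxCare's code. The catalog
excerpt below is constructed in the shape of the KEV JSON feed and keeps only
the fields this code uses; the dueDate is the one the article reports.
"""
import json
from datetime import date

KEV_EXCERPT = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {"cveID": "CVE-2023-27524", "vendorProject": "Apache", "product": "Superset", "dueDate": "2024-01-29"},
        {"cveID": "CVE-2023-38203", "vendorProject": "Adobe", "product": "ColdFusion", "dueDate": "2024-01-29"},
        {"cveID": "CVE-2023-29300", "vendorProject": "Adobe", "product": "ColdFusion", "dueDate": "2024-01-29"},
        {"cveID": "CVE-2023-41990", "vendorProject": "Apple", "product": "iOS", "dueDate": "2024-01-29"},
        {"cveID": "CVE-2016-20017", "vendorProject": "D-Link", "product": "DSL-2750B", "dueDate": "2024-01-29"},
        {"cveID": "CVE-2023-23752", "vendorProject": "Joomla!", "product": "Joomla!", "dueDate": "2024-01-29"},
    ],
})

# Affected version ranges taken from the article text; the KEV feed itself
# carries none. "fixed": versions below it are affected. "min"/"max": an
# inclusive range. CVEs absent from this table need a manual version check.
AFFECTED_VERSIONS = {
    "CVE-2023-27524": {"fixed": "2.1.0"},                 # Superset, addressed in 2.1
    "CVE-2023-23752": {"min": "4.0.0", "max": "4.2.7"},   # Joomla! 4.0.0 through 4.2.7
}

# Constructed inventory: one record per installed product instance.
INVENTORY = [
    {"host": "bi-01", "vendor": "Apache", "product": "Superset", "version": "2.0.1"},
    {"host": "bi-02", "vendor": "Apache", "product": "Superset", "version": "2.1.0"},
    {"host": "web-07", "vendor": "Joomla!", "product": "Joomla!", "version": "4.2.7"},
    {"host": "web-08", "vendor": "Joomla!", "product": "Joomla!", "version": "4.3.0"},
    {"host": "cf-app", "vendor": "Adobe", "product": "ColdFusion", "version": "2021"},
]


def parse_version(text: str) -> tuple:
    """Turn '4.2.7' into (4, 2, 7); non-digit suffixes are dropped and short
    versions are zero-padded to three components so '2.1' == '2.1.0'."""
    parts = []
    for piece in text.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def version_affected(cve_id: str, version: str):
    """True/False when a range is known for the CVE, None when it is not."""
    spec = AFFECTED_VERSIONS.get(cve_id)
    if spec is None:
        return None
    v = parse_version(version)
    if "fixed" in spec:
        return v < parse_version(spec["fixed"])
    return parse_version(spec["min"]) <= v <= parse_version(spec["max"])


def match_inventory(kev_json: str, inventory: list, today: date) -> list:
    """Return one finding per (asset, KEV entry) pair that matches on vendor and
    product and is not known to be on a fixed version."""
    catalog = json.loads(kev_json)["vulnerabilities"]
    findings = []
    for asset in inventory:
        for entry in catalog:
            if asset["vendor"].lower() != entry["vendorProject"].lower():
                continue
            if asset["product"].lower() not in entry["product"].lower():
                continue
            affected = version_affected(entry["cveID"], asset["version"])
            if affected is False:
                continue  # known fixed version, nothing to report
            due = date.fromisoformat(entry["dueDate"])
            findings.append({
                "host": asset["host"],
                "cve": entry["cveID"],
                "status": "affected" if affected else "verify version",
                "overdue": today > due,
            })
    return findings


if __name__ == "__main__":
    for f in match_inventory(KEV_EXCERPT, INVENTORY, date.today()):
        flag = "OVERDUE" if f["overdue"] else "due"
        print(f"{f['host']:8} {f['cve']:16} {f['status']:15} {flag}")
```

Entries without a version range in the table are reported as "verify version" rather than dropped, so a product that is on the catalog is never silently ignored; the operator decides whether the installed build is patched. To use the live feed, replace KEV_EXCERPT with the downloaded catalog JSON and INVENTORY with the output of your asset management system.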

The sources for this article include a story from TheHackerNews.
