Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog

Source URL: https://www.cisa.gov/news-events/alerts/2024/10/09/cisa-adds-three-known-exploited-vulnerabilities-catalog
Source: Alerts
Title: CISA Adds Three Known Exploited Vulnerabilities to Catalog

Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

– CVE-2024-23113 Fortinet Multiple Products Format String Vulnerability
– CVE-2024-9379 Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
– CVE-2024-9380 Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

AI Summary and Description: Yes

Summary: The text discusses the inclusion of three new vulnerabilities in CISA’s Known Exploited Vulnerabilities Catalog, underscoring the risks they pose to federal networks and the need for timely remediation. It highlights the significance of BOD 22-01, which mandates remediation for federal agencies while encouraging broader adoption of vulnerability management practices.

Detailed Description:

– **Vulnerability Inclusions**: The text mentions three specific vulnerabilities that have been added to CISA’s Known Exploited Vulnerabilities Catalog:
  – **CVE-2024-23113**: A format string vulnerability affecting multiple Fortinet products.
  – **CVE-2024-9379**: An SQL injection vulnerability in Ivanti Cloud Services Appliance (CSA).
  – **CVE-2024-9380**: An OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA).

– **Active Exploitation**: Each entry was added on evidence of active exploitation. These vulnerability classes are frequent attack vectors for malicious cyber actors and pose significant risk to organizations, particularly within the federal enterprise.

– **Binding Operational Directive (BOD) 22-01**: This directive is the mandate under which the catalog is maintained, aimed at reducing the risk posed by known exploited vulnerabilities.
  – Establishes the Known Exploited Vulnerabilities Catalog as a living list of Common Vulnerabilities and Exposures (CVEs) that carry significant risk.
  – Requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the stated due date to protect their networks against active threats.
  – Although binding only on FCEB agencies, CISA urges all organizations to prioritize timely remediation of catalog vulnerabilities as part of their vulnerability management practice.

– **Broader Implications**:
  – CISA’s guidance emphasizes the importance of active vulnerability management practices to mitigate the risks posed by identified vulnerabilities, regardless of organizational affiliation.
  – By urging broad adoption of remediation practices, CISA highlights a proactive stance that could be critical for preventing successful cyberattacks across sectors.

**Conclusion**: This text is highly relevant for security and compliance professionals, particularly those involved in vulnerability management, risk assessment, and cybersecurity strategy. Awareness of active vulnerabilities and adherence to directives like BOD 22-01 are essential for protecting organizational assets from cyber threats.