Source URL: https://www.cisa.gov/news-events/alerts/2024/10/24/cisa-adds-two-known-exploited-vulnerabilities-catalog
Source: Alerts
Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
– CVE-2024-20481 Cisco ASA and FTD Denial-of-Service Vulnerability
– CVE-2024-37383 RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
AI Summary and Description: Yes
Summary: The text discusses the addition of two new vulnerabilities to CISA’s Known Exploited Vulnerabilities Catalog, both added on evidence of active exploitation. The update matters to security professionals because it reinforces the need for timely remediation of known exploited vulnerabilities.
Detailed Description: The Cybersecurity and Infrastructure Security Agency (CISA) has added two actively exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog, a resource that identifies CVEs known to be exploited by malicious cyber actors. Remediating these vulnerabilities is essential for safeguarding federal networks and for maintaining a robust security posture in any organization.
Key Points:
– **New Vulnerabilities Added**:
  – **CVE-2024-20481**: A denial-of-service vulnerability in Cisco ASA and FTD devices, which an attacker can exploit to disrupt service.
  – **CVE-2024-37383**: A cross-site scripting (XSS) vulnerability in RoundCube Webmail, which an attacker can leverage to execute scripts in a user’s browser.
– **Active Exploitation**: Both vulnerabilities were added on evidence of active exploitation and pose significant risk, particularly to the federal enterprise.
– **Binding Operational Directive (BOD) 22-01**:
  – Established the Known Exploited Vulnerabilities Catalog as a living list of CVEs that carry significant risk.
  – Requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities promptly to protect their networks against active threats.
  – FCEB agencies must meet the remediation due dates to remain in compliance.
– **Broader Implications**: While BOD 22-01 applies only to FCEB agencies, CISA urges all organizations, regardless of sector, to prioritize remediation of catalogued vulnerabilities and to integrate this practice into their vulnerability management program.
– **CISA’s Ongoing Role**: The agency will continue to add vulnerabilities that meet the catalog’s criteria, maintaining an up-to-date reference for agencies and organizations.
This update serves as a crucial reminder for security and compliance professionals to stay vigilant regarding known vulnerabilities and underscores the need for systematic vulnerability management practices to mitigate the risk of cyberattacks effectively.