Source URL: https://www.cisa.gov/news-events/alerts/2024/09/18/cisa-adds-five-known-exploited-vulnerabilities-catalog
Source: Alerts
Title: CISA Adds Five Known Exploited Vulnerabilities to Catalog
Feedly Summary: CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2024-27348 Apache HugeGraph-Server Improper Access Control Vulnerability
CVE-2020-0618 Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
CVE-2019-1069 Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
CVE-2022-21445 Oracle JDeveloper Remote Code Execution Vulnerability
CVE-2020-14644 Oracle WebLogic Server Remote Code Execution Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
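As an added example (not part of the CISA alert), the following Python script shows how an organization can act on the catalog in its vulnerability management practice: it cross-references scanner findings against an excerpt in the format of CISA's KEV JSON feed and orders the matches by BOD 22-01 due date. The feed excerpt, due dates, hostnames and the CVE-0000-0000 placeholder are constructed sample data.

```python
"""Order remediation work by CISA KEV due date (BOD 22-01 style).

The live catalog is the JSON feed at
https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
("vulnerabilities" records with cveID, vendorProject, product, dateAdded, dueDate).
"""
import json
from datetime import date

# Constructed excerpt in the shape of the KEV feed, using three CVEs from this
# alert; the dueDate values are sample data, not taken from the alert text.
KEV_JSON = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2024-27348", "vendorProject": "Apache", "product": "HugeGraph-Server",
     "dateAdded": "2024-09-18", "dueDate": "2024-10-09"},
    {"cveID": "CVE-2020-0618", "vendorProject": "Microsoft", "product": "SQL Server",
     "dateAdded": "2024-09-18", "dueDate": "2024-10-09"},
    {"cveID": "CVE-2020-14644", "vendorProject": "Oracle", "product": "WebLogic Server",
     "dateAdded": "2024-09-18", "dueDate": "2024-10-09"},
]})

# Constructed scanner output: host -> CVEs reported on it. CVE-0000-0000 is a
# placeholder for a finding that is not in the catalog.
INVENTORY = {"graph-01": ["CVE-2024-27348", "CVE-0000-0000"],
             "ssrs-02": ["CVE-2020-0618"],
             "build-07": ["CVE-0000-0000"]}

def load_kev(raw_json: str) -> dict[str, dict]:
    """Index KEV records by CVE id for direct lookup."""
    return {v["cveID"]: v for v in json.loads(raw_json)["vulnerabilities"]}

def prioritize(kev: dict[str, dict], inventory: dict[str, list[str]], today: date) -> list[dict]:
    """Return inventory findings that are in KEV, earliest due date first, flagging overdue ones."""
    findings = []
    for host, cves in inventory.items():
        for cve in cves:
            entry = kev.get(cve)
            if entry is None:
                continue  # not in KEV: stays on the normal patch cadence
            due = date.fromisoformat(entry["dueDate"])
            findings.append({"host": host, "cve": cve,
                             "product": f"{entry['vendorProject']} {entry['product']}",
                             "due": due, "days_left": (due - today).days,
                             "overdue": due < today})
    return sorted(findings, key=lambda f: (f["due"], f["host"]))

if __name__ == "__main__":
    for f in prioritize(load_kev(KEV_JSON), INVENTORY, date(2024, 10, 1)):
        flag = "OVERDUE" if f["overdue"] else f"{f['days_left']} days left"
        print(f"{f['host']:10} {f['cve']:16} {f['product']:26} due {f['due']}  {flag}")
```

Pointing `load_kev` at the downloaded feed instead of `KEV_JSON` turns this into a check against the current catalog; findings not in the catalog are deliberately left out so that KEV work is visible as its own queue.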
AI Summary and Description: Yes
Summary: The text discusses the addition of five new vulnerabilities to the CISA Known Exploited Vulnerabilities Catalog, highlighting their significance as attack vectors and the critical need for remediation by federal agencies and organizations to combat cyber threats.
Detailed Description: The information outlines recent actions taken by CISA (Cybersecurity and Infrastructure Security Agency) regarding cybersecurity vulnerabilities that are being actively exploited. The mention of specific CVEs (Common Vulnerabilities and Exposures) signals serious threats that could compromise federal networks, as well as other organizations running the same affected products.
Key points of the content include:
– **Focus on Exploited Vulnerabilities**: CISA’s move to add new CVEs emphasizes the proactive approach taken to inform and safeguard against known threats.
– **Specified CVEs Included**:
  – **CVE-2024-27348**: Apache HugeGraph-Server Improper Access Control
  – **CVE-2020-0618**: Microsoft SQL Server Reporting Services Remote Code Execution
  – **CVE-2019-1069**: Microsoft Windows Task Scheduler Privilege Escalation
  – **CVE-2022-21445**: Oracle JDeveloper Remote Code Execution
  – **CVE-2020-14644**: Oracle WebLogic Server Remote Code Execution
– **Binding Operational Directive BOD 22-01**:
  – Establishes the Known Exploited Vulnerabilities Catalog as a key resource for identifying and addressing significant risks.
  – Mandates that Federal Civilian Executive Branch (FCEB) agencies address identified vulnerabilities by the due date to fortify defenses.
– **Advisory for Broader Application**: While the directive specifically targets FCEB agencies, CISA recommends that all organizations adopt a proactive stance on vulnerability remediation, thus emphasizing its wider relevance across sectors.
– **Continuous Update of the Catalog**: CISA indicates that the catalog will be updated regularly to reflect new vulnerabilities, ensuring that organizations remain vigilant and informed.
This information is invaluable for cybersecurity, IT security, and infrastructure professionals who need to prioritize their vulnerability management strategies and ensure compliance with federal guidelines to mitigate risks effectively.