Source URL: https://www.cisa.gov/news-events/alerts/2024/10/02/cisa-adds-one-known-exploited-vulnerability-catalog
Source: Alerts
Title: CISA Adds One Known Exploited Vulnerability to Catalog
Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2024-29824 Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
AI Summary and Description: Yes
Summary: The text discusses a newly added vulnerability to CISA’s Known Exploited Vulnerabilities Catalog, specifically pertaining to the Ivanti Endpoint Manager with a SQL Injection vulnerability (CVE-2024-29824). It emphasizes the significant risk such vulnerabilities pose and encourages all organizations, not just federal ones, to prioritize vulnerability remediation.
Detailed Description:
– CISA (Cybersecurity and Infrastructure Security Agency) has updated its Known Exploited Vulnerabilities Catalog by adding a new entry, CVE-2024-29824, which revolves around a SQL Injection vulnerability found in Ivanti Endpoint Manager (EPM).
– SQL Injection vulnerabilities are noted as common attack vectors that can be leveraged by malicious cyber actors, highlighting the need for immediate and effective remediation.
– The Binding Operational Directive (BOD) 22-01, which aims to mitigate the risks posed by known exploited vulnerabilities, establishes the framework for managing these vulnerabilities within federal agencies. This directive mandates that Federal Civilian Executive Branch (FCEB) agencies must address these vulnerabilities by a specified deadline.
– Although BOD 22-01 specifically applies to federal agencies, CISA strongly advises all organizations to address vulnerabilities listed in the catalog as a critical part of their cybersecurity posture.
– CISA commits to continually updating the catalog with new vulnerabilities that meet the criteria for significant risk.
The implications for security and compliance professionals include the need for:
– **Prioritization of Vulnerability Management**: Organizations should integrate the remediation of vulnerabilities from the CISA catalog into their regular security practices.
– **Awareness of Current Threats**: Staying informed about the latest vulnerabilities can help organizations anticipate and mitigate potential attacks.
– **Regulatory Compliance**: Understanding how directives like BOD 22-01 influence broader security practices is vital for ensuring compliance and protecting against legal ramifications.
Overall, this update serves as a critical reminder for both federal and private organizations to actively manage their exposures to known vulnerabilities within their networks.