Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Source URL: https://www.cisa.gov/news-events/alerts/2024/11/20/cisa-adds-two-known-exploited-vulnerabilities-catalog
Source: Alerts
Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

CVE-2024-38812 VMware vCenter Server Heap-Based Buffer Overflow Vulnerability
CVE-2024-38813 VMware vCenter Server Privilege Escalation Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
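The alert tells FCEB agencies to remediate by the catalog due date and urges everyone else to treat KEV entries as a priority signal. The following is an added example, not CISA's code or part of the alert, of how that is put into practice: load the catalog's JSON feed, join it to a scanner's CVE findings, and rank hosts by BOD 22-01 due date, overdue entries first. The feed URL is CISA's published one; the KEV records and scanner findings embedded below are constructed fixtures (field names follow the real feed, values are illustrative) so the script runs offline, and the host names and the placeholder id CVE-2024-0000 are assumptions for the sake of the example.

```python
"""Cross-reference scanner findings against the CISA KEV catalog and rank
them by BOD 22-01 due date.

Added example, not CISA's code. The live catalog is published as JSON at
KEV_URL (fetch_kev() retrieves it); the worked run uses SAMPLE_KEV_JSON and
SAMPLE_FINDINGS, constructed fixtures in the shape of the real feed and of
typical scanner output, so it executes offline.
"""
import json
import re
import urllib.request
from datetime import date

KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")

# Constructed fixture: field names follow the real catalog, values are
# illustrative (the two vCenter entries mirror the 2024-11-20 additions).
SAMPLE_KEV_JSON = json.dumps({
    "catalogVersion": "2024.11.20",
    "count": 3,
    "vulnerabilities": [
        {"cveID": "CVE-2024-38812", "vendorProject": "VMware", "product": "vCenter Server",
         "vulnerabilityName": "VMware vCenter Server Heap-Based Buffer Overflow Vulnerability",
         "dateAdded": "2024-11-20", "dueDate": "2024-12-11",
         "requiredAction": "Apply mitigations per vendor instructions.",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-38813", "vendorProject": "VMware", "product": "vCenter Server",
         "vulnerabilityName": "VMware vCenter Server Privilege Escalation Vulnerability",
         "dateAdded": "2024-11-20", "dueDate": "2024-12-11",
         "requiredAction": "Apply mitigations per vendor instructions.",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2021-44228", "vendorProject": "Apache", "product": "Log4j2",
         "vulnerabilityName": "Apache Log4j2 Remote Code Execution Vulnerability",
         "dateAdded": "2021-12-10", "dueDate": "2021-12-24",
         "requiredAction": "Apply updates per vendor instructions.",
         "knownRansomwareCampaignUse": "Known"},
    ],
})

# Constructed scanner output: host plus the CVE the scanner flagged.
# "CVE-2024-0000" is a placeholder (sequence 0000 is never assigned) standing
# for any finding that is absent from the catalog.
SAMPLE_FINDINGS = [
    {"host": "vcsa01.corp.example", "cve": "CVE-2024-38812"},
    {"host": "vcsa01.corp.example", "cve": "cve-2024-38813"},  # lower case from a sloppy exporter
    {"host": "vcsa01.corp.example", "cve": "CVE-2024-0000"},
    {"host": "app07.corp.example", "cve": "CVE-2021-44228"},
]


def load_kev(raw_json: str) -> dict:
    """Index the catalog by upper-cased CVE id for O(1) lookups."""
    return {v["cveID"].upper(): v for v in json.loads(raw_json)["vulnerabilities"]}


def fetch_kev(url: str = KEV_URL, timeout: int = 30) -> dict:
    """Download and index the live catalog. Not called in the offline run."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return load_kev(resp.read().decode("utf-8"))


def triage(findings: list, kev: dict, today: date) -> list:
    """Join findings to the catalog. KEV hits come first, most overdue first;
    findings the catalog does not list come last, unranked."""
    rows = []
    for f in findings:
        cve = f["cve"].strip().upper()
        if not CVE_RE.match(cve):
            raise ValueError(f"malformed CVE id in finding: {f['cve']!r}")
        entry = kev.get(cve)
        if entry is None:
            rows.append({"host": f["host"], "cve": cve, "in_kev": False})
            continue
        days_left = (date.fromisoformat(entry["dueDate"]) - today).days
        rows.append({
            "host": f["host"], "cve": cve, "in_kev": True,
            "product": f"{entry['vendorProject']} {entry['product']}",
            "due": entry["dueDate"], "days_left": days_left, "overdue": days_left < 0,
            "ransomware": entry.get("knownRansomwareCampaignUse", "Unknown"),
        })
    rows.sort(key=lambda r: (not r["in_kev"], r.get("days_left", 10**9)))
    return rows


def run_sample(today_iso: str = "2024-11-25") -> list:
    """Triage the constructed fixtures as of a fixed date (for reproducibility)."""
    return triage(SAMPLE_FINDINGS, load_kev(SAMPLE_KEV_JSON), date.fromisoformat(today_iso))


if __name__ == "__main__":
    for r in run_sample():
        if r["in_kev"]:
            state = f"OVERDUE by {-r['days_left']}d" if r["overdue"] else f"due {r['due']} in {r['days_left']}d"
            print(f"{r['host']:22} {r['cve']:16} KEV {r['product']:20} {state}  ransomware={r['ransomware']}")
        else:
            print(f"{r['host']:22} {r['cve']:16} not in KEV")
```

In operation, replace `load_kev(SAMPLE_KEV_JSON)` with `fetch_kev()` and the fixture with your scanner export, and run the join on every scan cycle: the catalog changes frequently, and a CVE that was not in it yesterday may carry a due date today. The due dates in the feed are authoritative; the fixture's values are only illustrative.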

AI Summary and Description: Yes

Summary: The text covers two VMware vCenter Server vulnerabilities that CISA added to its Known Exploited Vulnerabilities Catalog on 20 November 2024 on evidence of active exploitation. The addition sets a binding remediation deadline for federal civilian agencies and signals to every other organization that these flaws should move to the front of the patch queue.

Detailed Description:

The content highlights recent developments concerning cybersecurity vulnerabilities that are of significant relevance to security and compliance professionals. The two catalogued vulnerabilities, CVE-2024-38812 and CVE-2024-38813, affect VMware vCenter Server, the management plane for vSphere virtualization and private-cloud infrastructure; a compromise of vCenter hands an attacker control of every ESXi host and virtual machine it manages, which is why exploitation of these flaws is treated as high impact. Both were disclosed and patched by Broadcom in September 2024 under advisory VMSA-2024-0019, and Broadcom re-released the fixes in October 2024 after determining that the original patches did not fully address CVE-2024-38812, so remediation should be verified against the updated build numbers in that advisory rather than the initial September release.

Key Points:
– **New Vulnerabilities Added to the Catalog:**
  – **CVE-2024-38812**: A heap-based buffer overflow in vCenter Server's implementation of the DCERPC protocol. An attacker with network access to vCenter can trigger it with a specially crafted packet, potentially achieving remote code execution.
  – **CVE-2024-38813**: A privilege escalation vulnerability in vCenter Server. An attacker with network access can send a specially crafted packet to escalate privileges to root.

– **CISA's Role**:
  – CISA (Cybersecurity and Infrastructure Security Agency) maintains the Known Exploited Vulnerabilities Catalog, which records CVEs with evidence of in-the-wild exploitation and is therefore a direct signal of which flaws attackers are actually using.

– **Binding Operational Directive (BOD) 22-01**:
  – Established to reduce the risk that known exploited vulnerabilities pose to federal networks.
  – Requires Federal Civilian Executive Branch (FCEB) agencies to remediate catalogued vulnerabilities by the due date CISA assigns to each entry.

– **Broader Implications**:
  – Although BOD 22-01 targets FCEB agencies, CISA strongly advises all organizations to prioritize the remediation of vulnerabilities in the Catalog. This recommendation emphasizes a proactive approach to security through effective vulnerability management practices.
  – Both flaws require network reachability of the vulnerable vCenter service. Where patching is delayed, restricting access to the vCenter management interface to trusted administrative networks reduces exposure, although it is not a substitute for the vendor fix.

– **Ongoing Updates**:
  – CISA continues to add vulnerabilities to the Catalog, so organizations should consume it on a recurring basis (it is published as a JSON feed) rather than treating any one alert as a one-off task.

This information is crucial for professionals involved in cloud computing security, infrastructure security, and general information security. It serves as an urgent reminder of the need to maintain robust vulnerability management processes to protect against potential exploits.