Alerts: CISA Adds Three Known Exploited Vulnerabilities to Catalog

Source URL: https://www.cisa.gov/news-events/alerts/2024/12/03/cisa-adds-three-known-exploited-vulnerabilities-catalog
Source: Alerts

Feedly Summary: CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

CVE-2023-45727 North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability
CVE-2024-11680 ProjectSend Improper Authentication Vulnerability
CVE-2024-11667 Zyxel Multiple Firewalls Path Traversal Vulnerability

Users and administrators are also encouraged to review the Palo Alto Threat Brief: Operation Lunar Peek related to CVE-2024-0012, the Palo Alto Security Bulletin for CVE-2024-0012, and the Palo Alto Security Bulletin for CVE-2024-9474 for additional information.

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Summary: The text discusses the addition of new vulnerabilities to CISA’s Known Exploited Vulnerabilities Catalog, highlighting specific vulnerabilities and their associated risks. It emphasizes the importance of timely remediation to mitigate potential cyber threats, relevant for professionals in information security and compliance.

Detailed Description:
The provided text outlines critical information relevant to cybersecurity practices, focusing on the newly added vulnerabilities in CISA’s Known Exploited Vulnerabilities Catalog. This catalog serves as a crucial resource for organizations seeking to identify and remediate significant cyber risks. The mention of specific CVEs—CVE-2023-45727, CVE-2024-11680, and CVE-2024-11667—suggests immediate attention is warranted, especially considering their potential exploitation by malicious actors.

Key Points:
– **CISA Vulnerabilities**: CISA has updated its catalog with three new CVEs, representing immediate threats that require attention from users and administrators.
  – **CVE-2023-45727**: North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability.
  – **CVE-2024-11680**: ProjectSend Improper Authentication Vulnerability.
  – **CVE-2024-11667**: Zyxel Multiple Firewalls Path Traversal Vulnerability.

– **Encouragement of Further Review**: Organizations are urged to assess associated threats, such as those detailed in Palo Alto Threat Briefs and Security Bulletins related to CVE-2024-0012 and CVE-2024-9474.

– **Operational Directives**: Binding Operational Directive (BOD) 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate cataloged vulnerabilities by the due date, protecting FCEB networks against active threats.

– **General Guidance for Organizations**: Although BOD 22-01 applies only to Federal Civilian Executive Branch agencies, CISA urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of cataloged vulnerabilities.

– **Continuous Updates**: CISA will keep updating the catalog, stressing the critical need for organizations to stay vigilant and responsive to emerging vulnerabilities, which can evolve into significant risks.

The importance of proactive vulnerability management and compliance with directives such as BOD 22-01 is emphasized, serving as a vital practice for enhancing overall cybersecurity posture for all organizations, not just federal agencies.