Alerts: CISA Adds Five Known Exploited Vulnerabilities to Catalog

Source URL: https://www.cisa.gov/news-events/alerts/2025/02/06/cisa-adds-five-known-exploited-vulnerabilities-catalog
Source: Alerts
Title: CISA Adds Five Known Exploited Vulnerabilities to Catalog

Feedly Summary: CISA has added five vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability
CVE-2022-23748 Dante Discovery Process Control Vulnerability
CVE-2024-21413 Microsoft Outlook Improper Input Validation Vulnerability
CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability
CVE-2020-15069 Sophos XG Firewall Buffer Overflow Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Summary: The provided text highlights the addition of five new vulnerabilities to the CISA’s Known Exploited Vulnerabilities Catalog, emphasizing their potential risks to organizations, especially within the federal sector. The text also discusses binding directives aimed at mitigating these risks, making it pertinent to professionals focused on cybersecurity and vulnerability management.

Detailed Description: This announcement by CISA (Cybersecurity and Infrastructure Security Agency) outlines critical vulnerabilities that have been actively exploited by cyber actors. Here are the significant points from the text:

– **Vulnerabilities Listed**: CISA has included the following vulnerabilities in its catalog:
  – **CVE-2025-0411**: A Mark of the Web bypass vulnerability in 7-Zip.
  – **CVE-2022-23748**: A process control vulnerability in Dante Discovery.
  – **CVE-2024-21413**: An improper input validation vulnerability in Microsoft Outlook.
  – **CVE-2020-29574**: An SQL injection vulnerability in CyberoamOS (CROS).
  – **CVE-2020-15069**: A buffer overflow vulnerability in Sophos XG Firewall.

– **Threat Landscape**:
  – These vulnerabilities are being actively exploited and are frequent attack vectors for malicious cyber actors.
  – They pose significant risk, particularly to the federal enterprise, making timely identification and remediation crucial.

– **Regulatory Framework**:
  – **Binding Operational Directive (BOD) 22-01**: This directive established the Known Exploited Vulnerabilities Catalog as a living list of CVEs with evidence of active exploitation that carry significant risk to the federal enterprise.
  – It mandates that Federal Civilian Executive Branch (FCEB) agencies remediate catalogued vulnerabilities by the due date assigned to each entry, reinforcing the importance of quick action in the face of active threats.

– **Recommended Actions**:
  – Although BOD 22-01 applies only to FCEB agencies, CISA encourages all organizations to adopt the same practice to reduce their exposure.
  – Organizations are advised to prioritize remediation of the vulnerabilities listed in the catalog as part of their vulnerability management program.
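The practical form of that recommendation is to cross-reference scanner output against the catalog and let the catalog's due dates drive the remediation queue. The script below is an added example written for this page, not code from CISA: it parses a catalog document in the shape of CISA's published `known_exploited_vulnerabilities.json` feed (a top-level `vulnerabilities` array whose entries carry `cveID`, `vulnerabilityName`, `dateAdded` and `dueDate`; only those fields are used here), normalizes scanner CVE identifiers before lookup, and ranks the matches by due date. The catalog sample is constructed in-line with the five CVEs from this alert; its `dueDate` values, the host names, the scan-export format and the placeholder non-KEV identifier are all assumptions made for the illustration, not values taken from the catalog.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's known_exploited_vulnerabilities.json
# feed. The cveID/vulnerabilityName/dateAdded values are the five entries from
# this alert; the dueDate values are ASSUMED for illustration, not from CISA.
KEV_CATALOG_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "count": 5,
    "vulnerabilities": [
        {"cveID": "CVE-2025-0411", "vulnerabilityName": "7-Zip Mark of the Web Bypass Vulnerability",
         "dateAdded": "2025-02-06", "dueDate": "2025-02-27"},
        {"cveID": "CVE-2022-23748", "vulnerabilityName": "Dante Discovery Process Control Vulnerability",
         "dateAdded": "2025-02-06", "dueDate": "2025-02-27"},
        {"cveID": "CVE-2024-21413", "vulnerabilityName": "Microsoft Outlook Improper Input Validation Vulnerability",
         "dateAdded": "2025-02-06", "dueDate": "2025-02-27"},
        {"cveID": "CVE-2020-29574", "vulnerabilityName": "CyberoamOS (CROS) SQL Injection Vulnerability",
         "dateAdded": "2025-02-06", "dueDate": "2025-02-27"},
        {"cveID": "CVE-2020-15069", "vulnerabilityName": "Sophos XG Firewall Buffer Overflow Vulnerability",
         "dateAdded": "2025-02-06", "dueDate": "2025-02-27"},
    ],
})

# Constructed scan export (host names and record layout are assumptions).
# Deliberately includes lowercase and padded IDs, which some scanners emit,
# and one placeholder identifier that is not a real CVE and is not in the KEV.
SCAN_FINDINGS = [
    {"host": "mail-gw-01", "cve": "cve-2024-21413"},
    {"host": "fw-edge-02", "cve": "CVE-2020-15069"},
    {"host": "fw-edge-02", "cve": "CVE-2020-29574"},
    {"host": "av-ctrl-07", "cve": "CVE-2022-23748"},
    {"host": "wks-1042", "cve": " CVE-2025-0411 "},
    {"host": "wks-1042", "cve": "CVE-2023-99999"},  # placeholder, not a real CVE
]


def normalize_cve(cve_id):
    """Canonical form for lookup: trimmed, upper-case (CVE-YYYY-NNNN)."""
    return cve_id.strip().upper()


def load_kev_index(catalog_text):
    """Parse a KEV-shaped JSON document into a dict keyed by normalized cveID."""
    catalog = json.loads(catalog_text)
    return {normalize_cve(v["cveID"]): v for v in catalog["vulnerabilities"]}


def prioritize(findings, kev_index, today):
    """Return scan findings that are in the KEV, ranked by due date then host.

    Each hit carries the catalog's vulnerabilityName and dueDate, the number of
    days left against `today`, and an overdue flag. Non-KEV findings are dropped
    here; use unmatched() to list them separately.
    """
    hits = []
    for finding in findings:
        entry = kev_index.get(normalize_cve(finding["cve"]))
        if entry is None:
            continue
        due = date.fromisoformat(entry["dueDate"])
        hits.append({
            "host": finding["host"],
            "cve": entry["cveID"],
            "name": entry["vulnerabilityName"],
            "due": due,
            "days_left": (due - today).days,
            "overdue": today > due,
        })
    # Stable sort: earliest due date first, then by host, original order otherwise.
    hits.sort(key=lambda h: (h["due"], h["host"]))
    return hits


def unmatched(findings, kev_index):
    """Normalized CVE IDs from the scan that are not in the catalog."""
    return sorted({normalize_cve(f["cve"]) for f in findings
                   if normalize_cve(f["cve"]) not in kev_index})


def report_lines(findings, catalog_text, today):
    """Human-readable queue: one line per KEV hit, overdue items flagged."""
    index = load_kev_index(catalog_text)
    lines = []
    for h in prioritize(findings, index, today):
        flag = "OVERDUE" if h["overdue"] else f"{h['days_left']}d left"
        lines.append(f"{h['due']}  {flag:>8}  {h['host']:<12} {h['cve']:<15} {h['name']}")
    for cve in unmatched(findings, index):
        lines.append(f"            not-KEV  {cve} (schedule under normal SLA)")
    return lines


if __name__ == "__main__":
    for line in report_lines(SCAN_FINDINGS, KEV_CATALOG_JSON, date.today()):
        print(line)
```

In production the catalog text would come from the feed CISA publishes rather than the in-line sample, and the findings from the scanner's export; the lookup, normalization and due-date ranking stay the same. Normalizing the identifier before lookup matters: a lowercase or padded `cve-2025-0411` that silently fails to match is an exploited vulnerability that never reaches the priority queue.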

This information is crucial for security professionals working to enhance their organization’s cyber defenses. The update reflects the continuous evolution of cyber threats and the importance of maintaining a proactive stance in vulnerability management.