Alerts: CISA Adds Five Known Exploited Vulnerabilities to Catalog

Source URL: https://www.cisa.gov/news-events/alerts/2025/03/03/cisa-adds-five-known-exploited-vulnerabilities-catalog
Source: Alerts
Title: CISA Adds Five Known Exploited Vulnerabilities to Catalog

Feedly Summary: CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

CVE-2023-20118 Cisco Small Business RV Series Routers Command Injection Vulnerability
CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability
CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
CVE-2018-8639 Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
CVE-2024-4885 Progress WhatsUp Gold Path Traversal Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
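The practical step behind "prioritizing timely remediation of Catalog vulnerabilities" is to join scanner output against the catalog's machine-readable feed and work the exploited-in-the-wild items first. The script below is an added example, not code from this CISA alert: it indexes a constructed excerpt of the KEV feed (the field names match the public JSON feed; the due dates, required-action text and host names are placeholders) and produces a deadline-ordered worklist from a constructed list of scanner findings.

```python
"""Triage scanner findings against the CISA KEV catalog feed.

Added example, not code from the CISA alert. KEV_JSON is a constructed excerpt:
it uses the public feed's field names (cveID, vendorProject, product,
vulnerabilityName, dateAdded, dueDate, requiredAction,
knownRansomwareCampaignUse), but the dueDate and requiredAction values here
are placeholders, not the catalog's real values.
"""
import json
from datetime import date

# Constructed excerpt. The live feed is published at
# https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
KEV_JSON = """{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "vulnerabilities": [
    {"cveID": "CVE-2023-20118", "vendorProject": "Cisco", "product": "Small Business RV Series Routers",
     "vulnerabilityName": "Cisco Small Business RV Series Routers Command Injection Vulnerability",
     "dateAdded": "2025-03-03", "dueDate": "2025-03-24", "requiredAction": "placeholder", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2022-43939", "vendorProject": "Hitachi Vantara", "product": "Pentaho BA Server",
     "vulnerabilityName": "Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability",
     "dateAdded": "2025-03-03", "dueDate": "2025-03-24", "requiredAction": "placeholder", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2022-43769", "vendorProject": "Hitachi Vantara", "product": "Pentaho BA Server",
     "vulnerabilityName": "Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability",
     "dateAdded": "2025-03-03", "dueDate": "2025-03-24", "requiredAction": "placeholder", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2018-8639", "vendorProject": "Microsoft", "product": "Windows Win32k",
     "vulnerabilityName": "Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability",
     "dateAdded": "2025-03-03", "dueDate": "2025-03-17", "requiredAction": "placeholder", "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2024-4885", "vendorProject": "Progress", "product": "WhatsUp Gold",
     "vulnerabilityName": "Progress WhatsUp Gold Path Traversal Vulnerability",
     "dateAdded": "2025-03-03", "dueDate": "2025-03-24", "requiredAction": "placeholder", "knownRansomwareCampaignUse": "Unknown"}
  ]
}"""


def load_kev(text):
    """Index the feed by CVE ID so each scanner finding is a single dict lookup."""
    return {v["cveID"]: v for v in json.loads(text)["vulnerabilities"]}


def triage(kev, findings, today):
    """Keep only findings present in the KEV catalog and attach their due date.

    Findings not in the catalog are dropped here: they fall under the normal
    patch SLA, while this list is the exploited-in-the-wild worklist only.
    """
    rows = []
    for f in findings:
        entry = kev.get(f["cve"])
        if entry is None:
            continue
        due = date.fromisoformat(entry["dueDate"])
        rows.append({
            "host": f["host"],
            "cve": f["cve"],
            "product": f"{entry['vendorProject']} {entry['product']}",
            "due": due,
            "days_left": (due - today).days,   # negative when the deadline has passed
            "overdue": due < today,
            "ransomware": entry.get("knownRansomwareCampaignUse") == "Known",
        })
    # Earliest deadline first; ransomware-linked entries first within a deadline.
    rows.sort(key=lambda r: (r["due"], not r["ransomware"], r["host"]))
    return rows


def summarize(rows):
    """Counts a vulnerability manager would report: overdue vs. still inside the window."""
    overdue = sum(1 for r in rows if r["overdue"])
    return {"kev_findings": len(rows), "overdue": overdue, "in_window": len(rows) - overdue}


# Constructed scanner output. CVE-0000-0000 is a deliberate placeholder ID
# standing in for any finding that is not in the KEV catalog.
FINDINGS = [
    {"host": "rv042-branch1", "cve": "CVE-2023-20118"},
    {"host": "wug-monitor", "cve": "CVE-2024-4885"},
    {"host": "ws-finance-17", "cve": "CVE-2018-8639"},
    {"host": "bi-pentaho", "cve": "CVE-2022-43939"},
    {"host": "bi-pentaho", "cve": "CVE-2022-43769"},
    {"host": "ws-finance-17", "cve": "CVE-0000-0000"},
]

if __name__ == "__main__":
    worklist = triage(load_kev(KEV_JSON), FINDINGS, date(2025, 3, 20))
    for r in worklist:
        status = "OVERDUE" if r["overdue"] else f"{r['days_left']}d left"
        print(f"{r['host']:<14} {r['cve']:<15} due {r['due']}  {status}  {r['product']}")
    print(summarize(worklist))
```

In production the feed would be fetched over HTTPS and refreshed on each run, since CISA adds entries continuously; the join logic is unchanged. Sorting by due date rather than CVSS is the point: the catalog's due date already encodes "known exploited", which is a stronger prioritization signal than severity alone.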

AI Summary and Description: Yes

Summary: The text details recent additions to the CISA’s Known Exploited Vulnerabilities Catalog, including specific vulnerabilities affecting various products. It emphasizes the significance of these CVEs as prevalent attack vectors and outlines the requirements for federal agencies and recommendations for all organizations to mitigate risks associated with these vulnerabilities.

Detailed Description:
The provided text discusses five vulnerabilities newly added to CISA’s Known Exploited Vulnerabilities Catalog on the basis of evidence of active exploitation (they are not newly discovered; the CVE identifiers range from 2018 to 2024). Here’s an overview of the key points:

– **Vulnerabilities Highlighted**:
– **CVE-2023-20118**: Command injection vulnerability in Cisco Small Business RV Series Routers.
– **CVE-2022-43939**: Authorization bypass vulnerability in Hitachi Vantara Pentaho BA Server.
– **CVE-2022-43769**: Special element injection vulnerability in the same Hitachi Vantara product.
– **CVE-2018-8639**: Improper resource shutdown or release vulnerability in Microsoft Windows Win32k. A 2018 CVE added in 2025 is a reminder that catalog additions are driven by observed exploitation, not by patch age.
– **CVE-2024-4885**: Path traversal vulnerability in Progress WhatsUp Gold.

– **Implications of Vulnerabilities**:
– These vulnerabilities represent frequent attack vectors for malicious cyber actors (criminal and state-backed alike), posing significant risks to the federal enterprise and, by extension, to any other organization running the affected products.

– **Binding Operational Directive (BOD) 22-01**:
– This directive mandates remediation of identified vulnerabilities for Federal Civilian Executive Branch (FCEB) agencies to safeguard networks against active cyber threats.
– BOD 22-01 outlines the establishment of the Known Exploited Vulnerabilities Catalog as a critical tool for understanding and managing these risks.

– **Recommendations**:
– Although BOD 22-01 applies only to FCEB agencies, CISA advises all organizations to prioritize the timely remediation of these vulnerabilities as part of their overall vulnerability management practices. Each catalog entry carries a required action and a due date, which gives non-federal organizations a ready-made prioritization signal.

– **Continuous Updates**:
– CISA will continue to add vulnerabilities that meet the catalog’s criteria, so the catalog should be treated as a feed to be re-checked regularly rather than a one-time list.

This information is especially relevant to professionals in vulnerability management, network and infrastructure security, and compliance. It underscores the importance of proactive vulnerability management and adherence to established directives to mitigate the risks posed by known exploited vulnerabilities in software and systems.