
CISA Includes Critical Flaws in Known Exploited Vulnerabilities


In recent news, the Cybersecurity and Infrastructure Security Agency (CISA) made updates to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting three critical vulnerabilities that are currently being exploited by cybercriminals. These vulnerabilities, if left unaddressed, could lead to unauthorized access, data breaches, and service disruptions for organizations using the affected products.

The first vulnerability added to the catalog is CVE-2023-45727, which impacts North Grid Proself products. The flaw is an improper restriction of XML External Entity (XXE) references, which lets the affected systems be exploited by sending them specially crafted XML data. A successful attack allows remote unauthenticated attackers to access sensitive files on the server, posing a high risk of data manipulation or theft. To address this vulnerability, organizations using Proself products are strongly advised to apply patches promptly to mitigate the risk of exploitation.

The second vulnerability, CVE-2024-11680, affects the ProjectSend file management application in versions prior to r1720. This flaw is an improper authentication vulnerability that allows attackers to bypass authentication mechanisms by sending specially crafted HTTP requests. Once past authentication, attackers can make unauthorized changes to the system configuration, potentially compromising the security of the system. The flaw carries a critical CVSS score of 9.8, and organizations are urged to update to the latest version of ProjectSend immediately to prevent exploitation.

The third vulnerability, CVE-2024-11667, impacts various Zyxel firewall models, including the ATP series, USG FLEX series, and USG20(W)-VPN series. This vulnerability allows attackers to perform a path traversal attack through the web management interface of firmware versions V5.00 through V5.38, potentially compromising the device’s security. The vulnerability carries a high risk rating with a CVSS score of 7.5, and organizations using affected Zyxel products should apply security updates promptly to protect against potential attacks.
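The path traversal class described above is best stopped at the point where a request path is mapped onto a file. The Python below is an added example for this article, not Zyxel firmware or any vendor's code: resolve_under_root refuses any request that would leave the document root after full percent-decoding and backslash normalisation, and flag_traversal_attempts runs the same check over access-log lines so that probing shows up in detection. WEB_ROOT and the sample log lines are constructed for the demonstration.

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/var/www/mgmt/static"  # hypothetical document root, constructed here

class PathTraversalError(ValueError):
    """Raised when a client-supplied path would resolve outside the root."""

def percent_decode_fully(path: str, rounds: int = 3) -> str:
    """Decode %XX escapes until stable, so double encoding (%252e) is caught too."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def resolve_under_root(root: str, requested: str) -> str:
    """Map a URL path onto a file under root; raise instead of clamping if it escapes."""
    decoded = percent_decode_fully(requested).replace("\\", "/")  # backslash == separator
    if "\x00" in decoded:
        raise PathTraversalError("NUL byte in request path")
    root = posixpath.normpath(root)
    # lstrip('/') keeps an absolute client path from discarding root inside join()
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    if candidate != root and not candidate.startswith(root + "/"):
        raise PathTraversalError(f"request escapes root: {requested!r}")
    return candidate

def flag_traversal_attempts(access_log_lines):
    """Return request paths from CLF-style log lines that would escape WEB_ROOT."""
    flagged = []
    for line in access_log_lines:
        try:
            path = line.split('"')[1].split(" ")[1]  # request line: "GET /path HTTP/1.1"
        except IndexError:
            continue
        try:
            resolve_under_root(WEB_ROOT, path)
        except PathTraversalError:
            flagged.append(path)
    return flagged

SAMPLE_LOG = [  # constructed sample log lines, not real traffic
    '192.0.2.10 - - [01/Dec/2024:10:00:00 +0000] "GET /css/app.css HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Dec/2024:10:00:01 +0000] "GET /../../conf/system.cfg HTTP/1.1" 404 0',
    '192.0.2.12 - - [01/Dec/2024:10:00:02 +0000] "GET /%252e%252e/%252e%252e/conf/users.db HTTP/1.1" 404 0',
    '192.0.2.13 - - [01/Dec/2024:10:00:03 +0000] "GET /img/..%5c..%5c..%5cconf/system.cfg HTTP/1.1" 404 0',
]
```

Running flag_traversal_attempts(SAMPLE_LOG) returns the three escaping paths and leaves the legitimate stylesheet request alone; the resolver rejects rather than silently clamps, so an attempt never degrades into a valid request for the root.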

The inclusion of these vulnerabilities in the CISA KEV Catalog underscores the ongoing cybersecurity challenges faced by organizations relying on vulnerable products. To mitigate these vulnerabilities, organizations must prioritize patch management, enhance authentication practices, conduct regular security audits, and have incident response plans in place. Proactively addressing these vulnerabilities is crucial to safeguard systems from potential exploits and ensure the continued security and reliability of operations.

In conclusion, organizations must stay vigilant and proactive in addressing known exploited vulnerabilities to protect against cyber threats and safeguard critical operations. By staying informed and implementing necessary security measures, organizations can strengthen their defense against cyber attacks and mitigate potential risks to their systems and data.
