In March, the CISA catalog added nine new vulnerabilities, significantly impacting various platforms like VMware, Hitachi Vantara, Linux, and more. New botnet threats emerged alongside advanced threat actor tactics, emphasizing the critical importance of prompt patching and security measures. Key vulnerabilities include critical issues in VMware, Progress WhatsUp Gold, and Hitachi Vantara products which have already seen active exploitation. Affected: VMware, Hitachi Vantara, Linux, Microsoft Windows, Cisco, Progress WhatsUp Gold
Keypoints :
- Nine new vulnerabilities added to the CISA Known Exploited Vulnerabilities (KEV) catalog.
- VMware ESXi, Workstation, and Fusion had three vulnerabilities listed.
- Hitachi Vantara Pentaho introduced two notable vulnerabilities.
- Exploits against multiple platforms highlight ongoing risks to enterprise infrastructure.
- Emergence of botnet threats like EnemyBot and Sysrv-K exploiting Spring Cloud Gateway.
- This month revealed a critical Time-of-Check Time-of-Use (TOCTOU) vulnerability in VMware products.
- Active exploitation of vulnerabilities demonstrated a shift by advanced threat actors.
- CVE-2024-4885 in Progress WhatsUp Gold allows unauthenticated remote code execution.
- Special Element Injection and Authorization Bypass vulnerabilities from Hitachi Vantara recorded high CVSS scores.
- Active exploitation seen in Cisco Small Business Router vulnerabilities with significant IoT malware campaigns.
Full Story: https://www.loginsoft.com/reports/weekly/march-kicks-off-with-major-exploits