FOCUS MODE
EXTRACT IOC
MINDMAP
0Trash

Newly Exploited Vulnerabilities Target Cisco, Microsoft, and More, CISA Warns

iocOne
Newly Exploited Vulnerabilities Target Cisco, Microsoft, and More, CISA Warns
CISA has updated its Known Exploited Vulnerabilities Catalog by adding five new vulnerabilities that are being actively exploited, affecting various products including Cisco routers, Hitachi Vantara’s Pentaho BA Server, Microsoft Windows, and Progress Software’s WhatsUp Gold. These vulnerabilities pose risks of data breaches and system compromises, emphasizing the need for timely remediation. Affected: Cisco routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows, Progress WhatsUp Gold

Keypoints :

  • CISA updated its Known Exploited Vulnerabilities Catalog with five actively exploited vulnerabilities.
  • Vulnerabilities affect Cisco routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows, and Progress WhatsUp Gold.
  • CVE-2023-20118 allows command injection in Cisco RV Series routers.
  • CVE-2022-43939 enables authorization bypass in Hitachi Vantara Pentaho BA Server.
  • CVE-2022-43769 involves special element injection in Pentaho BA Server.
  • CVE-2018-8639 in Windows allows for privilege escalation.
  • CVE-2024-4885 allows path traversal vulnerabilities in WhatsUp Gold.
  • Severity levels range from medium to critical based on CVSS scores.
  • Organizations are urged to patch software and address vulnerabilities proactively.

MITRE Techniques :

  • Command and Control (T1071.001): Exploited CVE-2023-20118 enables remote command execution on Cisco routers using improperly validated input.
  • Authorization Bypass (T1070.004): Exploited CVE-2022-43939 allows unauthorized access to restricted areas in Pentaho BA Server due to improper handling of URL paths.
  • Input Data Manipulation (T1203.002): Exploited CVE-2022-43769 leads to special element injection in Pentaho BA Server allowing arbitrary commands execution due to failure in data sanitization.
  • Privilege Escalation (T1068): Exploited CVE-2018-8639 allows attackers to elevate privileges in Microsoft Windows systems.
  • Remote File Inclusion (T1132): Exploited CVE-2024-4885 creates a path traversal vulnerability in WhatsUp Gold enabling command execution.

Indicator of Compromise :

  • [CVE] CVE-2023-20118
  • [CVE] CVE-2022-43939
  • [CVE] CVE-2022-43769
  • [CVE] CVE-2018-8639
  • [CVE] CVE-2024-4885

Full Story: https://thecyberexpress.com/new-known-exploited-vulnerabilities-to-catalog/

Views: 0

Tags: BROWSER, VULNERABILITY, TOOL, WINDOWS, GOVERNMENT, CVE, MOBILE, EXPLOIT
en en