The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows:
- CVE-2023-20118 (CVSS score: 6.5) – A command injection vulnerability in the web-based management interface of Cisco Small Business RV Series routers that allows an authenticated, remote attacker to gain root-level privileges and access unauthorized data (Unpatched due to the routers reaching end-of-life status)
- CVE-2022-43939 (CVSS score: 8.6) – An authorization bypass vulnerability in Hitachi Vantara Pentaho BA Server that stems from the use of non-canonical URL paths for authorization decisions (Fixed in August 2024 with versions 9.3.0.2 and 9.4.0.1)
- CVE-2022-43769 (CVSS score: 8.8) – A special element injection vulnerability in Hitachi Vantara Pentaho BA Server that allows an attacker to inject Spring templates into properties files, allowing for arbitrary command execution (Fixed in August 2024 with versions 9.3.0.2 and 9.4.0.1)
- CVE-2018-8639 (CVSS score: 7.8) – An improper resource shutdown or release vulnerability in Microsoft Windows Win32k that allows for local, authenticated privilege escalation, and running arbitrary code in kernel mode (Fixed in December 2018)
- CVE-2024-4885 (CVSS score: 9.8) – A path traversal vulnerability in Progress WhatsUp Gold that allows an unauthenticated attacker to achieve remote code execution (Fixed in version 2023.1.3 in June 2024)
There are little-to-no reports about how some of the aforementioned flaws are weaponized in the wild, but French cybersecurity company Sekoia revealed last week that threat actors are abusing CVE-2023-20118 to rope vulnerable routers into a botnet called PolarEdge.
As for CVE-2024-4885, the Shadowserver Foundation said it has observed exploitation attempts against the flaw as of August 1, 2024. Data from GreyNoise shows that as many as eight unique IP addresses from Hong Kong, Russia, Brazil, South Korea, and the UK are linked to the malicious exploitation of the vulnerability.
In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are urged to apply the necessary mitigations by March 24, 2025, to secure their networks.