The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five security flaws affecting Cisco, Hitachi Vantara, Microsoft Windows and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows:
- CVE-2013-20118 (CVSS score: 6.5) - A command injection vulnerability in the web-based management interface of Cisco Small Business RV Series routers that allows an authenticated, remote attacker to gain root-level privileges and access unauthorized data (unpatched due to the routers)
- CVE-2022-43939 (CVSS score: 8.6) - An authorization bypass vulnerability in Hitachi Vantara Pentaho BA Server, resulting from non-canonical use
- CVE-2022-43769 (CVSS score: 8.8) - A special element injection vulnerability in Hitachi Vantara Pentaho BA Server that allows an attacker to inject Spring templates into properties files, allowing arbitrary command execution (fixed in August 2024 with versions 9.3.2 and 9.4.0.1)
- CVE-2018-8639 (CVSS score: 7.8) - An improper resource shutdown or release vulnerability in Microsoft Windows Win32k that allows local, authenticated privilege escalation and running arbitrary code in kernel mode (fixed in December 2018)
- CVE-2024-4885 (CVSS score: 9.8) - A path traversal vulnerability in Progress WhatsUp Gold that allows an unauthenticated attacker to achieve remote code execution (fixed in version 2023.3 in June 2024)
There are few reports on how some of the aforementioned flaws are being weaponized in the wild, but a French cybersecurity company disclosed last week that threat actors are abusing CVE-2013-20118 to rope the routers into a botnet called PolarEdge.
As for CVE-2024-4885, the Shadowserver Foundation said it has observed exploitation attempts against the flaw as of August 1, 2024. Data from GreyNoise shows that as many as eight unique IP addresses from Hong Kong, Russia, Brazil, South Korea and the U.K. are associated with malicious exploitation of the vulnerability.
In light of the active exploitation, Federal Civilian Executive Branch (FCEB) agencies are urged to apply the necessary mitigations by March 24, 2025, to secure their networks.