The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog with several critical security flaws, prompting heightened vigilance among organizations using affected software platforms.
Among these newly added vulnerabilities are severe flaws in Apache OFBiz, Microsoft .NET Framework, and Paessler PRTG Network Monitor.
These vulnerabilities, if exploited, could enable attackers to gain unauthorized access, execute malicious commands, or expose sensitive information, posing significant security risks.
Apache OFBiz Forced Browsing Vulnerability (CVE-2024-45195)
CVE-2024-45195 highlights a forced browsing issue in Apache OFBiz, an open-source enterprise resource planning (ERP) system.
The vulnerability, identified under CWE-425 (Direct Request), allows remote attackers to bypass authentication protocols and access restricted resources without authorization.
While there is no evidence yet of this flaw being weaponized in ransomware attacks, CISA has recommended immediate action.
Organizations are urged to implement the mitigations provided by Apache or consider discontinuing the use of the product if no patch is available.
The deadline for remediation is February 25, 2025, to mitigate potential risks.
Microsoft .NET Framework Information Disclosure Flaw (CVE-2024-29059)
The Microsoft .NET Framework has also come under scrutiny for an information disclosure vulnerability, tracked as CVE-2024-29059.
This flaw occurs due to improper handling of sensitive information, specifically exposing the ObjRef URI to attackers.
Exploitation of this vulnerability could ultimately lead to remote code execution.
Classified under CWE-209 (Information Exposure Through an Error Message), the vulnerability could potentially allow attackers to target software relying on the .NET Framework.
Similar to the Apache vulnerability, there is no confirmation of active exploitation in ransomware campaigns.
Microsoft has advised applying vendor-recommended mitigations or ceasing the use of affected versions until a comprehensive fix is available.
CISA has also included two older vulnerabilities in Paessler’s PRTG Network Monitor—CVE-2018-9276 and CVE-2018-19410.
The first, an OS Command Injection flaw (CWE-78), allows attackers with administrative privileges to execute arbitrary commands via the system administrator web interface.
The second vulnerability, a Local File Inclusion issue (CWE-98), could enable unauthenticated attackers to gain remote access with administrator-level privileges by exploiting improperly handled file paths.
Despite their age, these flaws remain a critical concern due to their inherent risk to enterprise network environments, especially if unpatched.
Though none of these vulnerabilities have been definitively linked to ransomware campaigns, CISA’s inclusion of these flaws in its catalog underscores their potential exploitation by threat actors.
Organizations using affected software must proactively address these vulnerabilities by adhering to vendor-provided mitigations or discontinuing the use of unpatched systems.
The deadline for remediation, set for February 25, 2025, reflects the urgency of addressing these security risks to avert potential breaches.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free