CVE/vulnerability

CISA Warns of Adobe & Windows Kernel Driver Vulnerabilities Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog.

These vulnerabilities, actively exploited by malicious actors, underscore the growing risks facing organizations.

Adobe ColdFusion Access Control Weakness (CVE-2024-20767)

One of the newly added vulnerabilities, CVE-2024-20767, affects Adobe ColdFusion due to improper access control.

This flaw allows unauthorized attackers to read arbitrary files on a server running vulnerable versions of ColdFusion.

2024 MITRE ATT&CK Evaluation Results Released for SMEs & MSPs -> Download Free Guide

It is particularly concerning given ColdFusion’s widespread use in web application development, making organizations reliant on it vulnerable to data breaches and operational disruptions.

Adobe has released security updates to address this issue, and organizations using ColdFusion 2023 (Update 6 and earlier) or ColdFusion 2021 (Update 12 and earlier) are strongly urged to apply the latest patches immediately. Failing to do so could expose critical systems to exploitation.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise” CISA added.

Windows Kernel Privilege Escalation Flaw (CVE-2024-35250)

The second vulnerability, CVE-2024-35250, resides in the Windows Kernel-Mode Driver and involves an untrusted pointer dereference issue.

This flaw allows attackers to escalate privileges to SYSTEM level, enabling them to execute arbitrary code with full administrative rights.

The vulnerability affects various Windows versions, including Windows 11 and multiple Windows Server editions, making it a high-priority threat for enterprises.

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.” Microsoft fixed the vulnerability in the recent December patch Tuesday release.

Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies must remediate these vulnerabilities by January 6, 2025, to protect federal networks against active threats.

While this directive is mandatory for federal agencies, CISA strongly recommends that private organizations also prioritize addressing these vulnerabilities as part of their cybersecurity strategies.

By implementing timely updates and maintaining robust vulnerability management practices, organizations can reduce their exposure to cyberattacks and strengthen their overall security posture.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Researchers Turn the Tables: Scamming the Scammers in Telegram’s PigButchering Scheme

Cybersecurity specialists have devised an innovative approach to combat an emerging cybercrime called "PigButchering" on…

2 hours ago

New Spam Campaign Leverages Remote Monitoring Tools to Exploit Organizations

A sophisticated spam campaign targeting Portuguese-speaking users in Brazil has been uncovered by Cisco Talos,…

2 hours ago

New Attack Exploits X/Twitter Ad URL Feature to Deceive Users

Silent Push Threat Analysts have recently exposed a sophisticated financial scam leveraging a vulnerability in…

2 hours ago

Guess Which Browser Tops the List for Data Collection!

Google Chrome has emerged as the undisputed champion of data collection among 10 popular web…

2 hours ago

DOGE Big Balls Ransomware Leverages Open-Source Tools and Custom Scripts for Multi-Stage Attacks

A recent discovery by Netskope Threat Labs has brought to light a highly complex ransomware…

2 hours ago

Ransomware-as-a-Service (RaaS) Emerges as a Leading Framework for Cyberattacks

Ransomware-as-a-Service (RaaS) has solidified its position as the dominant framework driving ransomware attacks in 2024,…

2 hours ago