CISA Urges Swift Action on Newly Discovered Vulnerabilities: Critical Flaws Affect Major Software

Listen to this Post

2025-02-05

The US Cybersecurity & Infrastructure Security Agency (CISA) has added four critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, warning federal agencies and large organizations of their potential risks. The affected software includes Microsoft’s .NET Framework and Apache OFBiz, both of which are widely used across various sectors. While these flaws are actively being exploited, CISA has not revealed specific details about the attackers or their targets. The agency emphasizes the urgent need for organizations to apply the latest security patches to mitigate potential threats.

Summary

CISA’s addition of four vulnerabilities to its Known Exploited Vulnerabilities catalog underscores the need for rapid patching to protect sensitive systems. The most significant of these flaws involve Microsoft’s .NET Framework and Apache OFBiz, two key software tools that are regularly targeted by attackers.

  1. .NET Framework Flaw (CVE-2024-29059): A high-severity information disclosure vulnerability, discovered by CODE WHITE, allows attackers to leak internal object URIs and perform .NET Remoting attacks. Though Microsoft initially downplayed the issue, it was eventually patched in January 2024. A proof-of-concept exploit has since been released by CODE WHITE.

  2. Apache OFBiz Flaw (CVE-2024-45195): A critical remote code execution vulnerability that allows unauthenticated attackers to exploit restricted paths through forced browsing. Discovered by Rapid7, this flaw was patched in September 2024. Users are advised to upgrade to version 18.12.16 or later.

  3. Paessler PRTG Flaws (CVE-2018-9276, CVE-2018-19410): These vulnerabilities impact network monitoring software, with issues like OS command injection and local file inclusion. Although patched in June 2018, organizations are still urged to apply updates by February 2025.

CISA has set a deadline of February 25, 2025 for impacted organizations to apply patches, or they may need to cease using these vulnerable products. However, the agency has not shared any information about the specifics of the ongoing attacks exploiting these flaws.

What Undercode Says:

The inclusion of these vulnerabilities in CISA’s KEV catalog highlights the ongoing threat posed by cybercriminals exploiting unpatched vulnerabilities in widely used software. The .NET Framework flaw, for instance, represents a significant security risk, especially given that it was initially downplayed by Microsoft. The eventual release of a proof-of-concept exploit by CODE WHITE only heightens the urgency for organizations to apply patches and mitigate potential exposure.

What stands out about these vulnerabilities is the fact that they are not new, but their inclusion in the KEV catalog now forces organizations to confront the reality that they are actively being targeted. CISA’s decision to push for immediate patching or discontinuation of the affected software underscores the importance of timely response in mitigating security risks. The specific mention of February 25, 2025, as a deadline for applying patches adds a layer of urgency for organizations to act now rather than delay.

A particularly troubling aspect of this advisory is the lack of detailed information from CISA regarding the nature of the attacks. With many cybercriminal groups continuously refining their tactics, it’s crucial to understand the specific vectors through which these vulnerabilities are being exploited. Unfortunately, the absence of such details leaves organizations to guess at the scope of the threat, which can lead to gaps in their defense strategy.

The Apache OFBiz flaw (CVE-2024-45195) is another critical issue. It’s worth noting that despite the patch being available since September 2024, CISA’s warning in February 2025 indicates that the vulnerability is still a significant risk. This highlights a recurring problem in cybersecurity: despite the availability of fixes, many organizations delay or fail to update their systems, leaving them exposed to exploitation.

As always, the key takeaway here is that timely patching is essential for organizations to stay ahead of evolving threats. Organizations that hesitate to apply updates, or worse, neglect them entirely, may face severe consequences. The proactive stance taken by CISA here is a reminder that cybersecurity is not just about reacting to incidents but about anticipating and mitigating risks before they can be exploited.

In conclusion, organizations must treat these vulnerabilities as top priority, conducting thorough vulnerability assessments and ensuring that all necessary patches are applied without delay. The increased attention to CVE-2024-29059 and CVE-2024-45195 by CISA underscores the need for cybersecurity professionals to continuously monitor emerging threats and act swiftly to protect their networks from exploitation. The clock is ticking, and proactive patching is the most effective defense.

References:

Reported By: https://www.bleepingcomputer.com/news/security/cisa-tags-microsoft-net-and-apache-ofbiz-bugs-as-exploited-in-attacks/
https://www.instagram.com
Wikipedia: https://www.wikipedia.org
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://craiyon.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image