Tuesday, March 4, 2025
HomeCyber Security
Cyber Security

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

admin
By admin
0
2
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

Mar 04, 2025The Hacker InformationCyber Assault / Vulnerability

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

The U.S. Cybersecurity and Infrastructure Safety Company (CISA) on Monday added 5 safety flaws impacting software program from Cisco, Hitachi Vantara, Microsoft Home windows, and Progress WhatsUp Gold to its Recognized Exploited Vulnerabilities (KEV) catalog, based mostly on proof of lively exploitation.

The listing of vulnerabilities is as follows –

  • CVE-2023-20118 (CVSS rating: 6.5) – A command injection vulnerability within the web-based administration interface of Cisco Small Enterprise RV Collection routers that permits an authenticated, distant attacker to realize root-level privileges and entry unauthorized knowledge (Unpatched because of the routers reaching end-of-life standing)
  • CVE-2022-43939 (CVSS rating: 8.6) – An authorization bypass vulnerability in Hitachi Vantara Pentaho BA Server that stems from using non-canonical URL paths for authorization selections (Mounted in August 2024 with variations 9.3.0.2 and 9.4.0.1)
  • CVE-2022-43769 (CVSS rating: 8.8) – A particular factor injection vulnerability in Hitachi Vantara Pentaho BA Server that permits an attacker to inject Spring templates into properties information, permitting for arbitrary command execution (Mounted in August 2024 with variations 9.3.0.2 and 9.4.0.1)
  • CVE-2018-8639 (CVSS rating: 7.8) – An improper useful resource shutdown or launch vulnerability in Microsoft Home windows Win32k that permits for native, authenticated privilege escalation, and operating arbitrary code in kernel mode (Mounted in December 2018)
  • CVE-2024-4885 (CVSS rating: 9.8) – A path traversal vulnerability in Progress WhatsUp Gold that permits an unauthenticated attacker to realize distant code execution (Mounted in model 2023.1.3 in June 2024)
Cybersecurity

There are little-to-no reviews about how a few of the aforementioned flaws are weaponized within the wild, however French cybersecurity firm Sekoia revealed final week that menace actors are abusing CVE-2023-20118 to rope inclined routers right into a botnet known as PolarEdge.

As for CVE-2024-4885, the Shadowserver Basis stated it has noticed exploitation makes an attempt in opposition to the flaw as of August 1, 2024. Knowledge from GreyNoise exhibits that as many as eight distinctive IP addresses from Hong Kong, Russia, Brazil, South Korea, and the UK are linked to the malicious exploitation of the vulnerability.

In gentle of lively exploitation, Federal Civilian Govt Department (FCEB) companies are urged to use the mandatory mitigations by March 24, 2025, to safe their networks.

Discovered this text fascinating? This text is a contributed piece from one in all our valued companions. Observe us on Twitter and LinkedIn to learn extra unique content material we put up.


Previous article
How Cross-Chain DApps Deal with Fuel Optimization
Next article
Moonwatt secures $8.3M to dial up photo voltaic’s endurance with sodium-ion storage
admin
adminhttps://nextgentech.pennyhost.app

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Load more

Welcome to our tech blog, where we explore the latest innovations and trends shaping the digital landscape. From cutting-edge gadgets to insightful analyses of industry breakthroughs, we're your go-to source for tech news. Join us as we decode complex technologies and make them accessible to all enthusiasts. Stay informed, stay inspired, and delve into the future with us at next gen tech.

© Copyright 2024 - nextgentech.pennyhost.app. All rights reserved.