Two vulnerabilities affecting a popular data analytics tool were added to the Cybersecurity and Infrastructure Security Agency's list of exploited bugs this week.
On Thursday, CISA added CVE-2023-41265 and CVE-2023-41266 to its catalog, giving federal civilian agencies until December 28 to patch the issues.
Both bugs were found this summer in Qlik Sense - a data analytics tool used widely among government organizations and large businesses.
The vulnerabilities provide hackers with an entry point into systems and allow them to elevate their privileges.
CVE-2023-41265 carries a vulnerability severity score of 9.6 and CVE-2023-41266 has a score of 8.2.
The vulnerabilities were discovered in August by researchers at cybersecurity firm Praetorian.
There are no mitigations and all versions of Qlik Sense Enterprise for Windows before May are vulnerable.
Both issues were used in a series of attacks by the Cactus ransomware gang since they were discovered, according to cybersecurity expert Kevin Beaumont and researchers at Arctic Wolf.
In several posts on the social media site Mastodon, Beaumont said searches on Shodan showed that many U.S.-based organizations did have their instances exposed to the internet.
In addition to Cactus ransomware actors, several other ransomware gangs are exploiting the bugs, according to Beaumont.
Jonathan has worked across the globe as a journalist since 2014.
Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.
He previously covered cybersecurity at ZDNet and TechRepublic.
This Cyber News was published on therecord.media. Publication date: Fri, 08 Dec 2023 22:20:16 +0000