The U.S. Cybersecurity and Infrastructure Security Agency has added two vulnerabilities to the Known Exploited Vulnerabilities catalog, a recently patched flaw in Google Chrome and a bug affecting an open-source Perl library for reading information in an Excel file called Spreadsheet::ParseExcel.
America's cyber defense agency has given federal agencies until January 23 to mitigate the two security issues tracked as CVE-2023-7024 and CVE-2023-7101 according to vendor instructions or to stop using the vulnerable products.
Spreadsheet::ParseExcel RCE. The first issue that CISA added to its Known Exploited Vulnerabilities is CVE-2023-7101, a remote code execution vulnerability that affects versions 0.65 and older of the Spreadsheet::ParseExcel library.
Spreadsheet::ParseExcel is a general-purpose library that allows data import/export operations on Excel files, run analysis and automation scripts.
The product also provides a compatibility layer for Excel file processing on Perl-based web apps.
One product using the open-source library is Barracuda ESG, which has been targeted in late December by Chinese hackers who exploited the CVE-2023-7101 in Spreadsheet::ParseExcel to compromise appliances.
In collaboration with cybersecurity firm Mandiant, Barracuda assesses that the threat actor behind the attacks is UNC4841, who leveraged the flaw to deploy 'SeaSpy' and 'Saltwater' malware.
Barracuda applied mitigations for ESG on December 20, and a security update that addressed CVE-2023-7101 was made available on December 29, 2023, with Spreadsheet::ParseExcel version 0.66.
The latest actively exploited vulnerability added to KEV is CVE-2023-7024, a heap buffer overflow issue in WebRTC in Google Chrome web browser.
The flaw was discovered by Google's Threat Analysis Group and received a fix via an emergency update on December 20, in versions 120.0.6099.129/130 for Windows and 120.0.6099.129 for Mac and Linux.
This was the eighth zero-day vulnerability Google fixed in Chrome for 2023, underscoring the persistent effort and time hackers devote to finding and exploiting flaws in the widely used web browser.
CISA's KEV catalog is a valuable resource for organizations across the globe that aim at better vulnerability management and prioritization.
Hackers breach US govt agencies using Adobe ColdFusion exploit.
CISA warns of actively exploited Windows, Sophos, and Oracle bugs.
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers.
Google Chrome emergency update fixes 7th zero-day exploited in 2023.
CISA urges tech manufacturers to stop using default passwords.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 03 Jan 2024 16:00:10 +0000