The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of Known Exploited Vulnerabilities three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle. The KEV catalog contains flaws confirmed to be exploited by hackers in attacks and serves as a repository for vulnerabilities that companies everywhere should treat as a priority. The agency is urging federal agencies to apply the available security updates for the three issues before December 7.

Microsoft addressed CVE-2023-36584 in the October 2023 Patch Tuesday bundle of security updates. It wasn't flagged as actively exploited in the disclosure, and at the time of writing it is still marked as not exploited.

The critical flaw in Sophos Web Appliance, fixed on April 4, 2023, is identified as CVE-2023-1671 and has a severity score of 9.8. It can lead to remote code execution and affects versions of the software before 4.3.10.4. It is worth noting that Sophos Web Appliance reached end-of-life on July 20 and no longer receives any type of updates. The company notified customers that they should migrate to Sophos Firewall web protection.

Although CISA's KEV catalog is mainly aimed at federal agencies in the U.S., companies across the world are advised to use it as an alert system for exploited vulnerabilities and to take the necessary steps to update their systems or apply vendor-recommended mitigations.
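The following is an added example, not code from the article or from CISA, showing how a defender can use the KEV catalog as the alert system the text recommends: match a local software inventory against KEV entries and rank what to patch first by the catalog's due date. The KEV feed is published as JSON with a `vulnerabilities` array (field names such as `cveID`, `vendorProject`, `product`, `dueDate` and `requiredAction` are the real feed's), but the records below are a constructed sample in that shape, not a copy of the live feed; the `dateAdded` values and the inventory hosts are assumptions. The KEV feed does not carry affected version ranges, so the fixed build (4.3.10.4 for CVE-2023-1671, from the article) is kept in a separate table the operator maintains from vendor advisories.

```python
"""Match a software inventory against CISA KEV catalog entries.

Added example; not part of the original article.  Runs offline on a
constructed sample that mimics the layout of the real KEV JSON feed:
https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
"""
import json
from datetime import date

# Constructed sample in the KEV feed's layout.  The CVE IDs and the
# 2023-12-07 due date come from the article; dateAdded and the names are
# assumptions for illustration only.
SAMPLE_KEV_JSON = """
{
  "vulnerabilities": [
    {"cveID": "CVE-2023-1671", "vendorProject": "Sophos", "product": "Web Appliance",
     "vulnerabilityName": "Sophos Web Appliance remote code execution (sample name)",
     "dateAdded": "2023-11-16", "dueDate": "2023-12-07",
     "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable."},
    {"cveID": "CVE-2023-36584", "vendorProject": "Microsoft", "product": "Windows",
     "vulnerabilityName": "Microsoft Windows security feature bypass (sample name)",
     "dateAdded": "2023-11-16", "dueDate": "2023-12-07",
     "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable."}
  ]
}
"""

# Fixed builds come from vendor advisories, not from KEV.  Only the Sophos
# version is given in the article; the Windows fix is a cumulative update,
# so no build-number rule is recorded for it here.
FIXED_VERSIONS = {"CVE-2023-1671": "4.3.10.4"}

# Constructed inventory (hypothetical hosts).
INVENTORY = [
    {"host": "proxy-01", "vendor": "Sophos", "product": "Web Appliance", "version": "4.3.9.0"},
    {"host": "proxy-02", "vendor": "Sophos", "product": "Web Appliance", "version": "4.3.10.4"},
    {"host": "ws-117", "vendor": "Microsoft", "product": "Windows 11", "version": "22H2"},
    {"host": "db-03", "vendor": "PostgreSQL", "product": "PostgreSQL", "version": "15.4"},
]


def parse_version(v: str) -> tuple:
    """Turn a dotted numeric version such as '4.3.10.4' into a comparable tuple."""
    return tuple(int(p) for p in v.split("."))


def load_kev(raw_json: str) -> dict:
    """Index the feed's vulnerabilities array by CVE ID."""
    return {v["cveID"]: v for v in json.loads(raw_json)["vulnerabilities"]}


def match_inventory(inventory: list, kev: dict, today: date) -> list:
    """Return KEV findings for inventory assets, soonest due date first."""
    findings = []
    for asset in inventory:
        for cve, entry in kev.items():
            # Vendor must match exactly; product match is a substring so that
            # "Windows" in KEV still covers "Windows 11" in the inventory.
            if entry["vendorProject"].lower() != asset["vendor"].lower():
                continue
            if entry["product"].lower() not in asset["product"].lower():
                continue
            fixed = FIXED_VERSIONS.get(cve)
            if fixed and parse_version(asset["version"]) >= parse_version(fixed):
                continue  # already at or above the fixed build
            due = date.fromisoformat(entry["dueDate"])
            findings.append({
                "host": asset["host"],
                "cve": cve,
                "due": entry["dueDate"],
                "days_left": (due - today).days,
                "overdue": today > due,
                "action": entry["requiredAction"],
            })
    return sorted(findings, key=lambda f: f["days_left"])


def findings_for(today_iso: str) -> list:
    """Convenience wrapper: run the sample inventory against the sample feed."""
    return match_inventory(INVENTORY, load_kev(SAMPLE_KEV_JSON), date.fromisoformat(today_iso))


if __name__ == "__main__":
    for f in findings_for("2023-11-30"):
        flag = "OVERDUE" if f["overdue"] else f"{f['days_left']} days left"
        print(f"{f['host']:10} {f['cve']:15} due {f['due']} ({flag})")
```

Because Sophos Web Appliance is end-of-life, the `requiredAction` text for its entry is the one to act on: there will be no further vendor patch, so the remaining option is to discontinue the product, as the article's migration advice says.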
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000