#Vulnerabilities

CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA

Vulnerabilities Reporter

CISA adds two actively exploited vulnerabilities to its catalog, warning organizations to patch immediately to prevent cyberattacks.

The Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog based on evidence that threat actors are actively exploiting them in the wild.

The newly added vulnerabilities include:

CVE-2024-23897 - A critical arbitrary file read vulnerability in the Jenkins CLI (Jenkins 2.441 and earlier, LTS 2.426.2 and earlier). The CLI's args4j command parser expands an `@` character followed by a file path into that file's contents, so an attacker (unauthenticated where anonymous read access is enabled) can read files on the Jenkins controller, including secrets that can be leveraged toward remote code execution. The flaw carries a CVSS score of 9.8 out of 10 and is fixed in Jenkins 2.442 and LTS 2.426.3.

CVE-2024-23896 - A high-severity vulnerability in networking equipment that could enable unauthorized access to sensitive systems. The flaw is reported to affect multiple vendors' devices and has been observed in active exploitation campaigns; confirm the affected vendor, product and versions against the catalog entry and the vendor advisory before acting on this summary.

CISA officials emphasized that these vulnerabilities pose significant risks to federal agencies and critical infrastructure organizations. Under Binding Operational Directive (BOD) 22-01, federal civilian executive branch agencies must remediate each KEV entry by the due date listed in the catalog, either by applying the vendor's updates or mitigations or, where none are available, by discontinuing use of the affected product.

"These vulnerabilities are being actively exploited by malicious cyber actors," said a CISA spokesperson. "Organizations should prioritize patching these flaws immediately to reduce their attack surface and protect their networks from compromise."

For organizations unable to patch immediately, CISA recommends implementing network segmentation, monitoring for suspicious activity, and applying available workarounds until patches can be deployed.

The KEV catalog serves as a critical resource for cybersecurity professionals, providing a curated list of vulnerabilities that have been observed in active exploitation. By adding these flaws to the catalog, CISA aims to drive rapid remediation across both public and private sector organizations.

Organizations are advised to check their asset inventories against the vendor and product entries in the KEV catalog, confirm exposure using the affected versions in the vendors' advisories, and apply the appropriate security updates or mitigations as soon as possible.
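As an added example (not part of the original article or of any CISA tooling), the following Python script shows the check described above: it loads the KEV feed, indexes it by CVE ID, matches scanner output for a set of assets against the catalog, and orders the hits by urgency (overdue due dates first, then entries linked to ransomware campaigns, then the soonest due date). The feed URL and JSON field names are CISA's real ones; the feed entries, their dates, the ransomware flag, the asset inventory, the placeholder ID CVE-0000-0000 and the "current date" are constructed sample data so the script runs offline.

```python
"""Cross-reference a vulnerability inventory against the CISA KEV catalog.

CISA publishes the catalog as JSON at
https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
using the field names below. To keep this runnable offline, the feed text
and the asset inventory here are CONSTRUCTED samples: the dates, the
ransomware flag and the placeholder CVE-0000-0000 are illustrative, not
the catalog's actual values.
"""
import json
from datetime import date

# Constructed stand-in for the downloaded feed (same shape as the real one).
STANDARD_ACTION = ("Apply mitigations per vendor instructions or discontinue "
                   "use of the product if mitigations are unavailable.")
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "sample",
    "count": 3,
    "vulnerabilities": [
        {"cveID": "CVE-2024-23897", "dateAdded": "2024-08-19", "dueDate": "2024-09-09",
         "requiredAction": STANDARD_ACTION, "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-23896", "dateAdded": "2024-08-12", "dueDate": "2024-09-02",
         "requiredAction": STANDARD_ACTION, "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2021-44228", "dateAdded": "2021-12-10", "dueDate": "2021-12-24",
         "requiredAction": STANDARD_ACTION, "knownRansomwareCampaignUse": "Known"},
    ],
})

# Constructed scanner output: asset name -> CVE IDs reported on it.
INVENTORY = {
    "ci-controller-01": ["CVE-2024-23897", "CVE-0000-0000"],  # second ID is a placeholder
    "edge-router-03": ["CVE-2024-23896"],
    "legacy-app-07": ["cve-2021-44228"],  # lower case on purpose: IDs get normalised
}

# Constructed "current date" so the due-date arithmetic is reproducible.
TODAY = date(2024, 9, 1)


def load_kev(feed_text):
    """Index catalog entries by upper-cased CVE ID."""
    feed = json.loads(feed_text)
    return {entry["cveID"].upper(): entry for entry in feed["vulnerabilities"]}


def match_inventory(kev, inventory, today):
    """Return one finding per (asset, CVE) pair present in the catalog, ordered
    by urgency: overdue entries first, then entries tied to ransomware
    campaigns, then the soonest BOD 22-01 due date."""
    findings = []
    for asset, cve_ids in inventory.items():
        for cve_id in cve_ids:
            entry = kev.get(cve_id.strip().upper())
            if entry is None:
                continue  # not in KEV: still a vulnerability, just no KEV deadline
            due = date.fromisoformat(entry["dueDate"])
            findings.append({
                "asset": asset,
                "cve": entry["cveID"],
                "date_added": entry["dateAdded"],
                "due": entry["dueDate"],
                "days_left": (due - today).days,
                "overdue": due < today,
                "ransomware": entry["knownRansomwareCampaignUse"] == "Known",
                "action": entry["requiredAction"],
            })
    findings.sort(key=lambda f: (not f["overdue"], not f["ransomware"], f["days_left"]))
    return findings


def format_report(findings):
    """Render findings one per line, suitable for a ticket or a daily digest."""
    lines = []
    for f in findings:
        if f["overdue"]:
            status = f"OVERDUE by {-f['days_left']} days"
        else:
            status = f"due in {f['days_left']} days"
        flag = " [ransomware]" if f["ransomware"] else ""
        lines.append(f"{f['asset']:18} {f['cve']:16} {status}{flag} (added {f['date_added']})")
    return lines


if __name__ == "__main__":
    for line in format_report(match_inventory(load_kev(KEV_SAMPLE), INVENTORY, TODAY)):
        print(line)
```

In production the feed text would come from the URL above on a schedule, and the inventory from a scanner or CMDB export; the matching and ordering logic stays the same. Because the catalog records vendor and product rather than version ranges, a hit here means "the CVE is on the asset and it is a KEV entry", and the affected versions still need to be confirmed against the vendor advisory.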
