
CISA Issues Alerts Regarding Active Exploitation of Vulnerabilities in Fortinet, Ivanti, and Nice Products

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog on Monday, citing evidence that they are being actively exploited.

Here are the vulnerabilities that were added:

  1. CVE-2023-48788 (CVSS score: 9.3) – Fortinet FortiClient EMS SQL Injection Vulnerability
  2. CVE-2021-44529 (CVSS score: 9.8) – Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
  3. CVE-2019-7256 (CVSS score: 10.0) – Nice Linear eMerge E3-Series OS Command Injection Vulnerability

The Fortinet FortiClient EMS flaw was disclosed earlier this month. It lets attackers execute unauthorized code or commands. Fortinet has confirmed that the flaw is being exploited but has not yet shared further details about the attacks.

CVE-2021-44529 is a code injection vulnerability in Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) that lets an unauthorized user execute malicious code with limited permissions. Recent research suggests the flaw may have originated as a deliberately planted backdoor in an older open-source project.

CVE-2019-7256 lets attackers execute code remotely on Nice Linear eMerge E3-Series access controllers. Threat actors have been exploiting it since February 2020. Nice (formerly Nortek) patched the issue earlier this month along with 11 other bugs, even though a security researcher first reported these problems back in May 2019.

Because these flaws are under active exploitation, federal agencies must apply the vendor-provided fixes by April 15, 2024. The additions come as CISA and the Federal Bureau of Investigation (FBI) released a joint alert urging software manufacturers to eliminate SQL injection flaws from their products.

The alert cited CVE-2023-34362, a critical SQL injection vulnerability in Progress Software’s MOVEit Transfer that the Cl0p ransomware gang (also known as Lace Tempest) exploited to attack thousands of organizations.

The agencies stated, “Despite knowing about SQL injection problems for a long time and having ways to fix them, software makers keep making products with this issue. This puts many customers at risk.”
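
To illustrate the class of flaw the alert describes and the well-known fix it refers to, here is an added example that is not code from CISA, the FBI, or any of the products named above. It uses Python's built-in sqlite3 module with a constructed in-memory table: a lookup that splices user input into the SQL text is shown beside the same lookup written with a bound parameter, plus an allowlist check as a second layer. All names, roles, and inputs are made up for the demonstration.

```python
import re
import sqlite3

# Constructed in-memory sample data; the usernames and roles are made up.
SAMPLE_USERS = [("alice", "admin"), ("bob", "user")]
# Allowlist for usernames (an assumed policy for this example, not a product's rule).
USERNAME_PATTERN = re.compile(r"^[A-Za-z0-9_.-]{1,32}$")


def make_db():
    """Create the throwaway database used by the example."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT NOT NULL, role TEXT NOT NULL)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def lookup_role_vulnerable(conn, username):
    """The pattern the alert warns about: untrusted input spliced into SQL text.

    A quote character in the input is parsed as SQL grammar, so the caller
    no longer controls what the statement does.
    """
    query = "SELECT role FROM users WHERE username = '" + username + "'"
    return sorted(row[0] for row in conn.execute(query))


def lookup_role_safe(conn, username):
    """Parameterized query: the input is bound as a value, never parsed as SQL."""
    query = "SELECT role FROM users WHERE username = ?"
    return sorted(row[0] for row in conn.execute(query, (username,)))


def lookup_role_safe_validated(conn, username):
    """Defense in depth: reject input that cannot be a legitimate username
    before it reaches the database, on top of parameterizing the query."""
    if not USERNAME_PATTERN.fullmatch(username):
        raise ValueError("username rejected by allowlist")
    return lookup_role_safe(conn, username)


def demo():
    """Run both lookups against the same inputs and report what each returns."""
    conn = make_db()
    # Constructed test input containing a quote character, of the kind that
    # turns a concatenated WHERE clause into a tautology.
    hostile = "' OR '1'='1"
    results = {
        "vulnerable_hostile": lookup_role_vulnerable(conn, hostile),  # every row leaks
        "safe_hostile": lookup_role_safe(conn, hostile),              # no such user
        "safe_legit": lookup_role_safe(conn, "alice"),                # normal lookup
    }
    try:
        lookup_role_safe_validated(conn, hostile)
        results["validated_hostile"] = "accepted"
    except ValueError:
        results["validated_hostile"] = "rejected"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The parameterized version is the primary fix: the database driver never treats the bound value as part of the statement, so the hostile input simply matches no row. The allowlist is a secondary control that also gives an operator something to log and alert on when malformed input arrives.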


CyberArrow team