Cybersecurity · 12 Sept 2023 · 2 min · cisa.gov

CISA Identifies Two New Cyber Vulnerabilities on Alert List

The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities to its Known Exploited Vulnerabilities Catalog on September 12, 2023. Both vulnerabilities present significant risks to federal networks and beyond.

Key Takeaways

1. "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA stated in its announcement.
2. On September 12, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of two notable vulnerabilities to its Known Exploited Vulnerabilities Catalog.
3. "CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities," the agency noted, reiterating the catalog's importance.

On September 12, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of two notable vulnerabilities to its Known Exploited Vulnerabilities Catalog. The newly identified threats are CVE-2023-36802, which relates to the Microsoft Streaming Service Proxy Elevation of Privilege, and CVE-2023-36761, addressing an Information Disclosure vulnerability in Microsoft Word.

Both vulnerabilities were added because they are being actively exploited, which has raised alarms among cybersecurity experts. "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA stated in its announcement.

With the goal of safeguarding federal networks, CISA’s actions stem from the Binding Operational Directive (BOD) 22-01, which mandates the reduction of risks posed by known exploited vulnerabilities. This directive has formally established the Known Exploited Vulnerabilities Catalog as a dynamic resource listing identified Common Vulnerabilities and Exposures (CVEs) that are especially dangerous.

"BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats," CISA emphasized. The directive aims to enhance cybersecurity resilience across federal agencies—and while its primary focus is on FCEB organizations, CISA has extended its guidance to all entities.

CISA encourages non-federal organizations to address these vulnerabilities proactively by integrating the catalog into their vulnerability management practices. "CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities," the agency noted, reiterating the catalog's importance.
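One way to act on that guidance, as an added example that is not CISA's own code: the script below reads entries in the shape of CISA's KEV JSON feed, matches them against a scanner's findings and ranks them by BOD 22-01 due date so overdue items surface first. The feed excerpt, the findings, the host names and the due dates are constructed sample data; only the two CVE IDs and the 2023-09-12 addition date come from the article.

```python
import json
from datetime import date

# Constructed excerpt in the shape of CISA's KEV feed
# (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json).
# CVE IDs and dateAdded come from the article; dueDate values are illustrative placeholders.
KEV_SAMPLE = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2023-36802", "vendorProject": "Microsoft",
     "product": "Streaming Service Proxy", "dateAdded": "2023-09-12",
     "dueDate": "2023-10-03"},
    {"cveID": "CVE-2023-36761", "vendorProject": "Microsoft",
     "product": "Word", "dateAdded": "2023-09-12",
     "dueDate": "2023-10-03"},
]})

# Constructed scanner output: CVE ID -> hosts where it was detected.
FINDINGS = {
    "CVE-2023-36761": ["ws-0101", "ws-0233"],
    "CVE-2023-00001": ["srv-db-02"],      # placeholder CVE, not in KEV
    "CVE-2023-36802": ["srv-media-01"],
}


def load_kev(raw_json):
    """Index KEV entries by CVE ID for direct lookup during triage."""
    return {v["cveID"]: v for v in json.loads(raw_json)["vulnerabilities"]}


def prioritize(findings, kev, today_iso):
    """Return the findings that appear in KEV, most urgent first.

    Each row carries the BOD 22-01 due date, the days remaining (negative
    once overdue) and the affected hosts, so it can feed a ticketing system.
    """
    today = date.fromisoformat(today_iso)
    rows = []
    for cve, hosts in findings.items():
        entry = kev.get(cve)
        if entry is None:
            continue  # not known-exploited: leave to the normal patch cadence
        days_left = (date.fromisoformat(entry["dueDate"]) - today).days
        rows.append({"cve": cve,
                     "product": f'{entry["vendorProject"]} {entry["product"]}',
                     "hosts": hosts, "due": entry["dueDate"],
                     "days_left": days_left, "overdue": days_left < 0})
    # Soonest or most overdue first; ties broken so wider exposure rises.
    return sorted(rows, key=lambda r: (r["days_left"], -len(r["hosts"])))


if __name__ == "__main__":
    for row in prioritize(FINDINGS, load_kev(KEV_SAMPLE), "2023-09-20"):
        flag = "OVERDUE" if row["overdue"] else f'{row["days_left"]}d left'
        print(f'{row["cve"]} {row["product"]}: {flag}, hosts={row["hosts"]}')
```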

As part of its commitment to cybersecurity, CISA will continue to monitor, evaluate, and add vulnerabilities to the catalog as necessary. The agency focuses on ensuring that both federal and non-federal entities remain informed about potential threats and take appropriate action.

Overall, the alert highlights the ongoing challenges faced by organizations in managing cyber threats. By remaining vigilant and responsive to identified vulnerabilities, businesses and government agencies can better secure their systems against malicious attacks. CISA's proactive stance underlines the importance of collaboration and timely action in the fight against cybersecurity risks.

In the ever-evolving landscape of cybersecurity, these updates are crucial for maintaining robust defenses and fostering a culture of security awareness. Organizations are encouraged to remain engaged with CISA updates to ensure they are prepared against emerging threats.