Cybersecurity | 10 Jan 2024 | 3 min read | cisa.gov

CISA Updates Catalog with Two Key Cyber Vulnerabilities

On January 10, 2024, CISA added two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting critical risks for federal agencies.
Key Takeaways

  1. On January 10, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) announced its latest updates to the Known Exploited Vulnerabilities Catalog, emphasizing the ongoing threat posed by cyber vulnerabilities actively being exploited by threat actors.
  2. "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," said a CISA spokesperson.
  3. CISA's addition of these vulnerabilities underscores its commitment to protecting federal networks.

On January 10, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) announced its latest updates to the Known Exploited Vulnerabilities Catalog, emphasizing the ongoing threat posed by cyber vulnerabilities actively being exploited by threat actors.

The two new entries are CVE-2023-46805, an authentication bypass vulnerability in Ivanti Connect Secure and Policy Secure, and CVE-2024-21887, a command injection vulnerability in the same products. "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," said a CISA spokesperson.

CISA's addition of these vulnerabilities underscores its commitment to protecting federal networks. The catalog operates under the Binding Operational Directive (BOD) 22-01, which aims to mitigate risks related to known exploited vulnerabilities by requiring that federal agencies promptly address identified issues. This directive obliges Federal Civilian Executive Branch (FCEB) agencies to remediate vulnerabilities by specified deadlines.

"BOD 22-01 established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise," said the spokesperson. The ongoing updates signal a proactive stance from CISA in the face of evolving cyber threats.

While BOD 22-01 only mandates action from federal agencies, CISA encourages all organizations to adopt a similar approach. "We strongly urge all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice," noted the spokesperson. This advice highlights the agency's view on the importance of comprehensive cybersecurity measures beyond federal compliance.

CISA is set to continue its mission of adding vulnerabilities to the catalog that meet specific criteria, reflecting the dynamic nature of cyber threats. As risks evolve, so too must the response strategies of organizations across sectors.

Cybersecurity remains a paramount concern, as vulnerabilities like those cataloged by CISA can lead to significant breaches and undermine national security. Organizations are advised to actively monitor the catalog and integrate remediation strategies into their security frameworks.
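One way to operationalize that advice, as an added example that is not part of this article or of CISA's own tooling: parse a feed in the shape of the public KEV JSON, keep only the entries that match an asset inventory, and flag each one against its BOD 22-01 due date. The field names are assumed from the public feed; the sample below is constructed, with the CVE IDs, vendor, product and dateAdded taken from the article and the dueDate and text fields as illustrative placeholders.

```python
import json
from datetime import date

# Constructed sample in the shape of the CISA KEV JSON feed (field names are
# assumed from the public feed; CVE IDs, vendor/product and dateAdded come
# from the article, dueDate and text fields are illustrative placeholders).
SAMPLE_KEV_JSON = """{
  "title": "CISA Catalog of Known Exploited Vulnerabilities (sample)",
  "vulnerabilities": [
    {"cveID": "CVE-2023-46805", "vendorProject": "Ivanti",
     "product": "Connect Secure and Policy Secure",
     "vulnerabilityName": "Authentication bypass (sample)",
     "dateAdded": "2024-01-10", "dueDate": "2024-01-22",
     "requiredAction": "Apply vendor mitigations (sample)",
     "knownRansomwareCampaignUse": "Unknown"},
    {"cveID": "CVE-2024-21887", "vendorProject": "Ivanti",
     "product": "Connect Secure and Policy Secure",
     "vulnerabilityName": "Command injection (sample)",
     "dateAdded": "2024-01-10", "dueDate": "2024-01-22",
     "requiredAction": "Apply vendor mitigations (sample)",
     "knownRansomwareCampaignUse": "Unknown"}
  ]
}"""

def load_catalog(text):
    """Parse the feed text and return its list of vulnerability records."""
    return json.loads(text)["vulnerabilities"]

def matching_entries(entries, inventory):
    """Keep entries whose vendor equals, and product contains, an inventory (vendor, product) pair (case-insensitive)."""
    wanted = [(v.lower(), p.lower()) for v, p in inventory]
    return [e for e in entries
            if any(e["vendorProject"].lower() == v and p in e["product"].lower()
                   for v, p in wanted)]

def remediation_status(entry, today):
    """Classify an entry against its BOD 22-01 due date as of `today`."""
    days_left = (date.fromisoformat(entry["dueDate"]) - today).days
    if days_left < 0:
        return "overdue"
    return "due_soon" if days_left <= 7 else "open"

def triage(text, inventory, today_iso):
    """Map each cveID relevant to the inventory to its remediation status."""
    today = date.fromisoformat(today_iso)
    return {e["cveID"]: remediation_status(e, today)
            for e in matching_entries(load_catalog(text), inventory)}
```

Point `triage` at the downloaded feed instead of the sample and feed it the real inventory to get a daily list of open, due-soon and overdue KEV items.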

The continuous updates from CISA indicate a heightened awareness and proactive approach to managing cyber risks. By keeping the Known Exploited Vulnerabilities Catalog current, CISA aims to deliver essential insights that can help prevent potentially disastrous security breaches across the federal enterprise and beyond.

As the cybersecurity landscape grows increasingly complex, the emphasis on timely and effective vulnerability management has never been more critical.