02-05-2025, 04:35 PM
News CISA Updates KEV Catalog with High-Severity Vulnerabilities—Patch Now!
<p><img width="1280" height="672" src="https://thecyberexpress.com/wp-content/uploads/Known-Exploited-Vulnerabilities-3-1.webp" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="Known Exploited Vulnerabilities" decoding="async" srcset="https://thecyberexpress.com/wp-content/uploads/Known-Exploited-Vulnerabilities-3-1.webp 1280w, https://thecyberexpress.com/wp-content/u...0x158.webp 300w, https://thecyberexpress.com/wp-content/u...4x538.webp 1024w, https://thecyberexpress.com/wp-content/u...8x403.webp 768w, https://thecyberexpress.com/wp-content/u...0x315.webp 600w, https://thecyberexpress.com/wp-content/u...50x79.webp 150w, https://thecyberexpress.com/wp-content/u...0x394.webp 750w, https://thecyberexpress.com/wp-content/u...0x599.webp 1140w" sizes="(max-width: 1280px) 100vw, 1280px" title="CISA Updates KEV Catalog with High-Severity Vulnerabilities—Patch Now! 1"></p><span data-contrast="auto">The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog by adding several new vulnerabilities that have been actively exploited by cybercriminals. </span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">These vulnerabilities, found in widely-used software products, pose cybersecurity risks, especially to federal enterprises and critical infrastructure sectors. The newly <a href="https://www.cisa.gov/news-events/alerts/2025/02/04/cisa-adds-four-known-exploited-vulnerabilities-catalog" target="_blank" rel="nofollow noopener">added vulnerabilities</a> include CVE-2024-45195, CVE-2024-29059, CVE-2018-9276, and CVE-2018-19410—all of which can have severe consequences for the security of affected systems.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h3 aria-level="2"><b><span data-contrast="none">Overview of the New Known Exploited Vulnerabilities</span></b></h3>
<h4 aria-level="3"><b><span data-contrast="none">CVE-2024-45195: Apache OFBiz Forced Browsing Vulnerability</span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h4>
<span data-contrast="auto">T</span><span data-contrast="auto">he first <a class="wpil_keyword_link" href="https://thecyberexpress.com/firewall-daily/vulnerabilities/" title="vulnerability" data-wpil-keyword-link="linked" data-wpil-monitor-id="21010">vulnerability</a>, CVE-2024-45195, is a critical flaw in Apache OFBiz, an open-source enterprise resource planning (ERP) and e-commerce solution. This vulnerability is associated with forced browsing, which allows attackers to bypass <a class="wpil_keyword_link" href="https://thecyberexpress.com/" title="security" data-wpil-keyword-link="linked" data-wpil-monitor-id="21008">security</a> restrictions by directly accessing specific URLs, potentially revealing sensitive data.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">Discovered in <a href="https://thecyberexpress.com/apache-ofbiz-rce-vulnerability-patched/" target="_blank" rel="noopener">Apache OFBiz</a> versions earlier than 18.12.16, this vulnerability could enable unauthorized access to various website sections, depending on the implementation of weak authorization mechanisms. Attackers may <a class="wpil_keyword_link" href="https://cyble.com/exploit/" target="_blank" rel="noopener" title="exploit" data-wpil-keyword-link="linked" data-wpil-monitor-id="21012">exploit</a> this flaw to escalate privileges and gain access to sensitive data, including private user information or other confidential details.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">The CVE-2024-45195 vulnerability has been included in the CISA Known Exploited <a class="wpil_keyword_link" href="https://thecyberexpress.com/what-are-vulnerabilities/" title="Vulnerabilities" data-wpil-keyword-link="linked" data-wpil-monitor-id="21013">Vulnerabilities</a> Catalog because of its active exploitation, which makes it critical for organizations using Apache OFBiz to upgrade their software to version 18.12.16 or later.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h4 aria-level="3"><b><span data-contrast="none">CVE-2024-29059: Microsoft .NET Framework Information Disclosure</span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h4>
<span data-contrast="auto">Another serious vulnerability added to the Known Exploited Vulnerabilities Catalog is CVE-2024-29059, affecting the Microsoft .NET Framework. This information disclosure vulnerability enables attackers to gain access to sensitive information from systems running older versions of .NET Framework, such as 4.8, 3.5, and 4.7.2.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">This flaw can be exploited by attackers leveraging weaknesses in error handling within the system. With a CVSS score of 7.5 (High), it poses a significant risk to organizations using <a href="https://thecyberexpress.com/upgrading-windows-10-to-windows-11-easy-steps/" target="_blank" rel="noopener">Windows 10</a> or Windows Server versions, where the CVE-2024-29059 vulnerability is prevalent.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">Given its potential impact, CISA has listed CVE-2024-29059 in its catalog of known exploited vulnerabilities, urging organizations to quickly apply patches or updates to protect their systems from <a class="wpil_keyword_link" href="https://thecyberexpress.com/what-is-data/" title="data" data-wpil-keyword-link="linked" data-wpil-monitor-id="21014">data</a> exposure and potential breaches.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h4 aria-level="3"><b><span data-contrast="none">CVE-2018-9276: Paessler PRTG Network Monitor OS Command Injection</span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h4>
<span data-contrast="auto">The CVE-2018-9276 vulnerability relates to a critical flaw found in Paessler PRTG Network Monitor, a tool widely used for IT network monitoring. This vulnerability, identified in versions prior to 18.2.39, is a command injection issue that allows attackers with administrator privileges to inject operating system commands into the system.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">By exploiting this flaw, attackers could execute arbitrary commands not only on the PRTG server but also on connected network devices, potentially compromising entire network infrastructures. For organizations relying on PRTG to monitor their network health, this is a <a class="wpil_keyword_link" href="https://thecyberexpress.com/what-is-cybersecurity/" title="cybersecurity" data-wpil-keyword-link="linked" data-wpil-monitor-id="21011">cybersecurity</a> concern. </span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">The vulnerability's inclusion in the Known Exploited Vulnerabilities Catalog reflects the urgent need for PRTG users to update their systems to versions that resolve this issue.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h4 aria-level="3"><b><span data-contrast="none">CVE-2018-19410: Paessler PRTG Network Monitor Local File Inclusion</span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h4>
<span data-contrast="auto">Another vulnerability in Paessler’s PRTG Network Monitor, CVE-2018-19410, is a Local File Inclusion (LFI) flaw. This vulnerability allows unauthenticated attackers to bypass security restrictions and escalate their privileges by crafting malicious HTTP requests. Attackers can exploit this flaw to create new users with administrator privileges or read-write access, thereby gaining control over the system.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">Discovered in versions of PRTG prior to 18.2.40.1683, CVE-2018-19410 has been exploited in active attacks, making it a high-priority target for patching. By exploiting this vulnerability, attackers can manipulate the network monitoring system and access <a href="https://thecyberexpress.com/cert-in-flags-cve-2024-21287/" target="_blank" rel="noopener">sensitive data</a>, which could lead to serious security breaches.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h3><b><span data-contrast="none">Conclusion </span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h3>
<span data-contrast="auto">The vulnerabilities listed in the Known Exploited Vulnerabilities Catalog, such as CVE-2024-45195, CVE-2024-29059, CVE-2018-9276, and CVE-2018-19410, highlight the importance of proactive <a class="wpil_keyword_link" href="https://cyble.com/solutions/vulnerability-management/" target="_blank" rel="noopener" title="vulnerability management" data-wpil-keyword-link="linked" data-wpil-monitor-id="21009">vulnerability management</a>. Organizations must regularly patch their systems to avoid exploitation, especially those handling sensitive data or critical infrastructure. Using advanced tools like Cyble can further strengthen defenses by providing real-time monitoring and insights. </span><span data-ccp-props="{}"> </span>
https://thecyberexpress.com/cisa-adds-ne...ilities-2/
<p><img width="1280" height="672" src="https://thecyberexpress.com/wp-content/uploads/Known-Exploited-Vulnerabilities-3-1.webp" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="Known Exploited Vulnerabilities" decoding="async" srcset="https://thecyberexpress.com/wp-content/uploads/Known-Exploited-Vulnerabilities-3-1.webp 1280w, https://thecyberexpress.com/wp-content/u...0x158.webp 300w, https://thecyberexpress.com/wp-content/u...4x538.webp 1024w, https://thecyberexpress.com/wp-content/u...8x403.webp 768w, https://thecyberexpress.com/wp-content/u...0x315.webp 600w, https://thecyberexpress.com/wp-content/u...50x79.webp 150w, https://thecyberexpress.com/wp-content/u...0x394.webp 750w, https://thecyberexpress.com/wp-content/u...0x599.webp 1140w" sizes="(max-width: 1280px) 100vw, 1280px" title="CISA Updates KEV Catalog with High-Severity Vulnerabilities—Patch Now! 1"></p><span data-contrast="auto">The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog by adding several new vulnerabilities that have been actively exploited by cybercriminals. </span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">These vulnerabilities, found in widely-used software products, pose cybersecurity risks, especially to federal enterprises and critical infrastructure sectors. The newly <a href="https://www.cisa.gov/news-events/alerts/2025/02/04/cisa-adds-four-known-exploited-vulnerabilities-catalog" target="_blank" rel="nofollow noopener">added vulnerabilities</a> include CVE-2024-45195, CVE-2024-29059, CVE-2018-9276, and CVE-2018-19410—all of which can have severe consequences for the security of affected systems.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h3 aria-level="2"><b><span data-contrast="none">Overview of the New Known Exploited Vulnerabilities</span></b></h3>
<h4 aria-level="3"><b><span data-contrast="none">CVE-2024-45195: Apache OFBiz Forced Browsing Vulnerability</span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h4>
<span data-contrast="auto">T</span><span data-contrast="auto">he first <a class="wpil_keyword_link" href="https://thecyberexpress.com/firewall-daily/vulnerabilities/" title="vulnerability" data-wpil-keyword-link="linked" data-wpil-monitor-id="21010">vulnerability</a>, CVE-2024-45195, is a critical flaw in Apache OFBiz, an open-source enterprise resource planning (ERP) and e-commerce solution. This vulnerability is associated with forced browsing, which allows attackers to bypass <a class="wpil_keyword_link" href="https://thecyberexpress.com/" title="security" data-wpil-keyword-link="linked" data-wpil-monitor-id="21008">security</a> restrictions by directly accessing specific URLs, potentially revealing sensitive data.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">Discovered in <a href="https://thecyberexpress.com/apache-ofbiz-rce-vulnerability-patched/" target="_blank" rel="noopener">Apache OFBiz</a> versions earlier than 18.12.16, this vulnerability could enable unauthorized access to various website sections, depending on the implementation of weak authorization mechanisms. Attackers may <a class="wpil_keyword_link" href="https://cyble.com/exploit/" target="_blank" rel="noopener" title="exploit" data-wpil-keyword-link="linked" data-wpil-monitor-id="21012">exploit</a> this flaw to escalate privileges and gain access to sensitive data, including private user information or other confidential details.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">The CVE-2024-45195 vulnerability has been included in the CISA Known Exploited <a class="wpil_keyword_link" href="https://thecyberexpress.com/what-are-vulnerabilities/" title="Vulnerabilities" data-wpil-keyword-link="linked" data-wpil-monitor-id="21013">Vulnerabilities</a> Catalog because of its active exploitation, which makes it critical for organizations using Apache OFBiz to upgrade their software to version 18.12.16 or later.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h4 aria-level="3"><b><span data-contrast="none">CVE-2024-29059: Microsoft .NET Framework Information Disclosure</span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h4>
<span data-contrast="auto">Another serious vulnerability added to the Known Exploited Vulnerabilities Catalog is CVE-2024-29059, affecting the Microsoft .NET Framework. This information disclosure vulnerability enables attackers to gain access to sensitive information from systems running older versions of .NET Framework, such as 4.8, 3.5, and 4.7.2.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">This flaw can be exploited by attackers leveraging weaknesses in error handling within the system. With a CVSS score of 7.5 (High), it poses a significant risk to organizations using <a href="https://thecyberexpress.com/upgrading-windows-10-to-windows-11-easy-steps/" target="_blank" rel="noopener">Windows 10</a> or Windows Server versions, where the CVE-2024-29059 vulnerability is prevalent.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">Given its potential impact, CISA has listed CVE-2024-29059 in its catalog of known exploited vulnerabilities, urging organizations to quickly apply patches or updates to protect their systems from <a class="wpil_keyword_link" href="https://thecyberexpress.com/what-is-data/" title="data" data-wpil-keyword-link="linked" data-wpil-monitor-id="21014">data</a> exposure and potential breaches.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h4 aria-level="3"><b><span data-contrast="none">CVE-2018-9276: Paessler PRTG Network Monitor OS Command Injection</span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h4>
<span data-contrast="auto">The CVE-2018-9276 vulnerability relates to a critical flaw found in Paessler PRTG Network Monitor, a tool widely used for IT network monitoring. This vulnerability, identified in versions prior to 18.2.39, is a command injection issue that allows attackers with administrator privileges to inject operating system commands into the system.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">By exploiting this flaw, attackers could execute arbitrary commands not only on the PRTG server but also on connected network devices, potentially compromising entire network infrastructures. For organizations relying on PRTG to monitor their network health, this is a <a class="wpil_keyword_link" href="https://thecyberexpress.com/what-is-cybersecurity/" title="cybersecurity" data-wpil-keyword-link="linked" data-wpil-monitor-id="21011">cybersecurity</a> concern. </span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">The vulnerability's inclusion in the Known Exploited Vulnerabilities Catalog reflects the urgent need for PRTG users to update their systems to versions that resolve this issue.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h4 aria-level="3"><b><span data-contrast="none">CVE-2018-19410: Paessler PRTG Network Monitor Local File Inclusion</span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h4>
<span data-contrast="auto">Another vulnerability in Paessler’s PRTG Network Monitor, CVE-2018-19410, is a Local File Inclusion (LFI) flaw. This vulnerability allows unauthenticated attackers to bypass security restrictions and escalate their privileges by crafting malicious HTTP requests. Attackers can exploit this flaw to create new users with administrator privileges or read-write access, thereby gaining control over the system.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<span data-contrast="auto">Discovered in versions of PRTG prior to 18.2.40.1683, CVE-2018-19410 has been exploited in active attacks, making it a high-priority target for patching. By exploiting this vulnerability, attackers can manipulate the network monitoring system and access <a href="https://thecyberexpress.com/cert-in-flags-cve-2024-21287/" target="_blank" rel="noopener">sensitive data</a>, which could lead to serious security breaches.</span><span data-ccp-props="{"134233117":false,"134233118":false,"335551550":0,"335551620":0,"335559738":240,"335559739":240}"> </span>
<h3><b><span data-contrast="none">Conclusion </span></b><span data-ccp-props="{"134245418":true,"134245529":true,"335559738":160,"335559739":80}"> </span></h3>
<span data-contrast="auto">The vulnerabilities listed in the Known Exploited Vulnerabilities Catalog, such as CVE-2024-45195, CVE-2024-29059, CVE-2018-9276, and CVE-2018-19410, highlight the importance of proactive <a class="wpil_keyword_link" href="https://cyble.com/solutions/vulnerability-management/" target="_blank" rel="noopener" title="vulnerability management" data-wpil-keyword-link="linked" data-wpil-monitor-id="21009">vulnerability management</a>. Organizations must regularly patch their systems to avoid exploitation, especially those handling sensitive data or critical infrastructure. Using advanced tools like Cyble can further strengthen defenses by providing real-time monitoring and insights. </span><span data-ccp-props="{}"> </span>
https://thecyberexpress.com/cisa-adds-ne...ilities-2/