The U.S. Cybersecurity and Infrastructure Security Agency has added four vulnerabilities to its catalog of Known Exploited Vulnerabilities, warning federal agencies to take immediate action. While the mandate applies primarily to Federal Civilian Executive Branch agencies, the alert serves as a wake-up call for all organizations to assess their security posture and defend against emerging cyber threats.

What are the four vulnerabilities?

The four vulnerabilities are:

CVE-2024-45195: A direct request (or ‘Forced Browsing’) vulnerability in the Apache OFBiz ERP system. In this vulnerability, which was patched in September 2024, a threat actor could use URLs, scripts, or files to run arbitrary code on the server.

CVE-2024-29059: A .NET Framework Information Disclosure Vulnerability in the Microsoft .NET Framework versions 3.5 and 4.8. Specifically, an error message could be generated that contained sensitive information such as passwords or the full pathname of the installed application. The error could be produced in multiple ways, either generated automatically by the application’s own code or by a language interpreter or other external component. It was patched in March 2024.

CVE-2018-9276: An issue in PRTG Network Monitor that could allow a threat actor with administrative access to the PRTG System Administrator to exploit an OS command injection vulnerability. It was patched in 2018.

CVE-2018-19410: Another issue in PRTG Network Monitor. By exploiting it, an attacker can use HTTP requests to perform a Local File Inclusion attack and create users with read-write privileges (including administrator). It was patched in 2018.


“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA said in its alert.

Monitoring known exploited vulnerabilities can strengthen an organization’s overall security posture. In this case, the software companies patched the vulnerabilities — sometimes years ago — and users do not need to take any action. In addition, the vulnerabilities highlight the importance of compliance and reporting on security in critical sectors.
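As an added example (not from the article or from CISA), the kind of check a defender would run to act on the alert: cross-referencing an asset inventory against KEV records for the four CVEs above and reporting hosts where a listed product is present but the fix is not yet confirmed. The record field names (cveID, vendorProject, product) follow the public KEV JSON feed’s schema; the records, inventory hosts and patch states are constructed for the example.

```python
import json
import re

# Constructed sample shaped like CISA's KEV JSON feed ("vulnerabilities" list with
# cveID / vendorProject / product fields). Only the four CVEs from the article.
KEV_FEED = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2024-45195", "vendorProject": "Apache", "product": "OFBiz"},
    {"cveID": "CVE-2024-29059", "vendorProject": "Microsoft", "product": ".NET Framework"},
    {"cveID": "CVE-2018-9276", "vendorProject": "Paessler", "product": "PRTG Network Monitor"},
    {"cveID": "CVE-2018-19410", "vendorProject": "Paessler", "product": "PRTG Network Monitor"},
]})

# Constructed asset inventory: product name as a CMDB records it, plus the CVEs a
# scanner or vendor advisory has already confirmed as patched on that host.
INVENTORY = [
    {"host": "erp-01", "product": "Apache OFBiz", "patched": {"CVE-2024-45195"}},
    {"host": "mon-01", "product": "PRTG Network Monitor", "patched": {"CVE-2018-9276"}},
    {"host": "app-07", "product": "Microsoft .NET Framework 4.8", "patched": set()},
    {"host": "web-02", "product": "nginx", "patched": set()},
]


def normalize(name):
    """Lowercase a product name, drop version numbers and punctuation, and return
    its word tokens so CMDB spellings and KEV spellings can be compared."""
    name = re.sub(r"\d+(\.\d+)*", "", name.lower())
    return set(re.findall(r"[a-z]+", name))


def kev_exposure(feed_json, inventory):
    """Return sorted (host, cveID) pairs where a KEV-listed product appears on the
    host and that CVE is not recorded as patched. A KEV product matches when all
    of its name tokens appear in the inventory product name."""
    entries = json.loads(feed_json)["vulnerabilities"]
    findings = []
    for asset in inventory:
        asset_tokens = normalize(asset["product"])
        for entry in entries:
            kev_tokens = normalize(entry["product"])
            if not kev_tokens:  # skip malformed records rather than matching everything
                continue
            if kev_tokens <= asset_tokens and entry["cveID"] not in asset["patched"]:
                findings.append((asset["host"], entry["cveID"]))
    return sorted(findings)


if __name__ == "__main__":
    for host, cve in kev_exposure(KEV_FEED, INVENTORY):
        print(f"{host}: {cve} is in the KEV catalog and not confirmed patched")
```

In practice the feed would be fetched from CISA and the inventory pulled from a CMDB or scanner export; the matching and reporting logic stays the same.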