The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows –
There are little-to-no reports about how some of the aforementioned flaws are weaponized in the wild, but French cybersecurity company Sekoia revealed last week that threat actors are abusing CVE-2023-20118 to rope susceptible routers into a botnet called PolarEdge.
As for CVE-2024-4885, the Shadowserver Foundation said it has observed exploitation attempts against the flaw as of August 1, 2024. Data from GreyNoise shows that as many as eight unique IP addresses from Hong Kong, Russia, Brazil, South Korea, and the United Kingdom are linked to the malicious exploitation of the vulnerability.
In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are urged to apply the necessary mitigations by March 24, 2025, to secure their networks.
