Current Security Issues, Vulnerabilities, and Exploits

Current CISA Security Alerts

  • CISA Releases Analysis of FY23 Risk and Vulnerability Assessments
    on September 13, 2024

    CISA has released an analysis and infographic detailing the findings from the 143 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2023 (FY23). The analysis details a sample attack path including tactics and steps a cyber threat actor could follow to compromise an organization with weaknesses representative of those CISA observed in FY23 RVAs. The infographic highlights the most successful techniques for each tactic that RVAs documented. Both the analysis and infographic map threat actor behavior to the MITRE ATT&CK® framework. CISA encourages network defenders to review the analysis and infographic and apply the recommended mitigations to protect against the observed tactics and techniques.

  • Ivanti Releases Security Update for Cloud Services Appliance
    on September 13, 2024

    Ivanti has released a security update addressing an OS command injection vulnerability (CVE-2024-8190) affecting Ivanti Cloud Services Appliance (CSA) 4.6 (all versions before patch 519). A cyber threat actor could exploit this vulnerability to take control of an affected system.   At this time, Ivanti has confirmed limited exploitation and urges its customers using the affected versions to upgrade to CSA version 5.0. Ivanti no longer supports CSA 4.6 (end-of-life).  CISA recommends users and administrators review CISA and FBI's joint guidance on eliminating OS command injections and the Ivanti security advisory and apply the recommended updates.  Note: CISA has added CVE-2024-8190 to its Known Exploited Vulnerabilities Catalog, which, per Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the specified due date to protect FCEB networks against active threats. 

  • CISA Adds One Known Exploited Vulnerability to Catalog
    on September 13, 2024

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8190 Ivanti Cloud Services Appliance OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

  • Adobe Releases Security Updates for Multiple Products
    on September 12, 2024

    Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.    CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:   Security update available for Adobe Media Encoder | APSB24-53 Security update available for Adobe Audition | APSB24-54 Security update available for Adobe After Effects | APSB24-55 Security update available for Adobe Premiere Pro | APSB24-58 Security update available for Adobe Illustrator | APSB24-66 Security update available for Adobe Acrobat Reader | APSB24-70 Security update available for Adobe ColdFusion | APSB24-71 Security update available for Adobe Photoshop | APSB24-72

  • CISA Releases Twenty-Five Industrial Control Systems Advisories
    on September 12, 2024

    CISA released twenty-five Industrial Control Systems (ICS) advisories on September 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-256-01 Siemens SINEMA Remote Connect Server ICSA-24-256-02 Siemens SINUMERIK ONE, SINUMERIK 840D and SINUMERIK 828D ICSA-24-256-03 Siemens User Management Component (UMC) ICSA-24-256-04 Siemens SINUMERIK Systems ICSA-24-256-05 Siemens Mendix Runtime ICSA-24-256-06 Siemens Automation License Manager ICSA-24-256-07 Siemens SIMATIC RFID Readers ICSA-24-256-08 Siemens Industrial Products ICSA-24-256-09 Siemens SIMATIC, SIPLUS, and TIM ICSA-24-256-10 Siemens SINEMA ICSA-24-256-11 Siemens Industrial Edge Management ICSA-24-256-12 Siemens Tecnomatix Plant Simulation ICSA-24-256-13 Siemens SCALANCE W700 ICSA-24-256-14 Siemens SIMATIC SCADA and PCS 7 Systems ICSA-24-256-15 Siemens Industrial Products ICSA-24-256-16 Siemens Third Party Component in SICAM and SITIPE Products ICSA-24-256-17 AutomationDirect DirectLogic H2-DM1E ICSA-24-256-18 Rockwell Automation ControlLogix/GuardLogix 5580 and CompactLogix/Compact GuardLogix 5380 ICSA-24-256-19 Rockwell Automation OptixPanel ICSA-24-256-20 Rockwell Automation AADvance Trusted SIS Workstation ICSA-24-256-21 Rockwell Automation 5015-U8IHFT ICSA-24-256-22 Rockwell Automation FactoryTalk Batch View ICSA-24-256-23 Rockwell Automation FactoryTalk View Site ICSA-24-256-24 Rockwell Automation Pavilion8 ICSA-24-256-25 Rockwell Automation ThinManager CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

  • Cisco Releases Security Updates for IOS XR Software
    on September 12, 2024

    Cisco released security updates to address vulnerabilities in Cisco ISO XR software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following advisories and apply the necessary updates:  September 2024 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication

  • Microsoft Releases September 2024 Security Updates
    on September 10, 2024

    Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft Security Update Guide for September