HomeVulnerabilityCISA Provides Acclaim USAHERDS Vulnerability to KEV Catalog Amid Lively Exploitation

CISA Provides Acclaim USAHERDS Vulnerability to KEV Catalog Amid Lively Exploitation

The U.S. Cybersecurity and Infrastructure Safety Company (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Methods USAHERDS to the Recognized Exploited Vulnerabilities (KEV) catalog, primarily based on proof of lively exploitation within the wild.

The vulnerability in query is CVE-2021-44207 (CVSS rating: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that would permit an attacker to finally execute arbitrary code on inclined servers.

Particularly, it issues using static ValidationKey and DecryptionKey values in model 7.4.0.1 and prior that might be weaponized to realize distant code execution on the server that runs the appliance. That mentioned, an attacker must leverage another means to acquire the keys within the first place.

“These keys are used to offer security for the appliance ViewState,” Google-owned Mandiant mentioned in advisory for the flaw again in December 2021. “A menace actor with data of those keys can trick the appliance server into deserializing maliciously crafted ViewState knowledge.”

Cybersecurity

“A menace actor with data of the validationKey and decryptionKey for an internet utility can assemble a malicious ViewState that passes the MAC test and will likely be deserialized by the server. This deserialization may end up in the execution of code on the server.”

See also  New ICS Malware 'FrostyGoop' Concentrating on Vital Infrastructure

Whereas there aren’t any new studies of CVE-2021-44207 being weaponized in real-world assaults, the vulnerability was recognized as being abused by the China-linked APT41 menace actor again in 2021 as a zero-day as a part of assaults concentrating on six U.S. state authorities networks.

Federal Civilian Government Department (FCEB) companies are beneficial to use vendor-provided mitigations by January 13, 2025, to safeguard their networks towards lively threats.

The event comes as Adobe warned of a crucial security flaw in ColdFusion (CVE-2024-53961, CVSS rating: 7.8), which it mentioned already has a identified proof-of-concept (PoC) exploit that would trigger an arbitrary file system learn.

The vulnerability has been addressed in ColdFusion 2021 Replace 18 and ColdFusion 2023 Replace 12. Customers are suggested to use the patches as quickly as doable to mitigate potential dangers.

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular