CISA added the crucial flaw, CVE-2024-12356, to its Recognized Exploited Vulnerabilities (KEV) catalog on 19 December, an motion that indicated the company had info it had been exploited within the wild. This led some to consider it was most likely the flaw exploited within the assault that led to the compromise of workstations on the US Treasury.
Second flaw additionally exploited within the wild
Nonetheless, on Monday, CISA added the second medium-risk vulnerability, CVE-2024-12686, to KEV as nicely. It’s not clear if this was exploited as a part of the identical assaults or new ones after the BeyondTrust disclosure. As per CISA’s mandate, authorities companies have till 3 February to determine if they’ve weak deployments and ensure the patches are utilized.
Final week, in an replace on its investigation into the Treasury breach, CISA stated it didn’t have any indication that different authorities companies had been impacted within the assault.
