
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

The critical-severity vulnerabilities are listed below –

  • CVE-2017-7921 (CVSS score: 9.8) – An improper authentication vulnerability affecting several Hikvision products that could allow a malicious user to escalate privileges on the system and gain access to sensitive information.
  • CVE-2021-22681 (CVSS score: 9.8) – An insufficiently protected credentials vulnerability affecting several Rockwell Automation Studio 5000 Logix Designer, RSLogix 5000, and Logix Controllers that could allow an unauthorized user with network access to the controller to bypass the verification mechanism and authenticate with it, as well as alter its configuration and/or application code.

The addition of CVE-2017-7921 to the KEV catalog comes more than four months after the SANS Internet Storm Center disclosed that it had detected exploit attempts against Hikvision cameras vulnerable to the flaw. However, there appears to be no public report describing attacks involving CVE-2021-22681.


In light of active exploitation, Federal Civilian Executive Branch (FCEB) agencies are required to update to the latest supported software versions by March 26, 2026, as part of Binding Operational Directive (BOD) 22-01.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA said.

“Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice.”
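The remediation practice CISA describes above boils down to a recurring check: which of the CVEs your scanner reports are in the KEV catalog, and how much time is left before their due date. The script below is an added example, not code from the article or from CISA; it uses a constructed feed whose field names follow the public KEV JSON (cveID, vendorProject, product, requiredAction, dueDate) but whose entries are sample data, and a hypothetical asset inventory. The only value taken from the article is the March 26, 2026 due date; the placeholder ID CVE-1900-0000 stands in for a scanner finding that is not in the catalog.

```python
import json
from datetime import date

# Constructed, KEV-shaped feed. Field names follow CISA's public
# known_exploited_vulnerabilities.json; the entries are sample data written
# for this example (only the due date comes from the article).
KEV_FEED_JSON = """
{
  "title": "Constructed KEV sample",
  "vulnerabilities": [
    {
      "cveID": "CVE-2017-7921",
      "vendorProject": "Hikvision",
      "product": "Multiple Products",
      "requiredAction": "Update to the latest supported software version.",
      "dueDate": "2026-03-26"
    },
    {
      "cveID": "CVE-2021-22681",
      "vendorProject": "Rockwell Automation",
      "product": "Studio 5000 Logix Designer, RSLogix 5000, Logix Controllers",
      "requiredAction": "Update to the latest supported software version.",
      "dueDate": "2026-03-26"
    }
  ]
}
"""

# Hypothetical asset inventory: host name -> CVE IDs a scanner reported.
# CVE-1900-0000 is a placeholder for a finding that is NOT in the catalog.
ASSETS = {
    "cam-lobby-01": ["CVE-2017-7921"],
    "plc-line-3": ["CVE-2021-22681", "CVE-1900-0000"],
    "web-01": ["CVE-1900-0000"],
}


def load_kev(feed_json: str) -> dict:
    """Index a KEV-shaped feed by CVE ID."""
    feed = json.loads(feed_json)
    return {v["cveID"]: v for v in feed["vulnerabilities"]}


def prioritize(assets: dict, kev: dict, today: str) -> list:
    """Return one finding per (host, CVE) pair that is in the catalog,
    most urgent first. `today` is an ISO date string. Findings that are
    not in the catalog are dropped: the point of the check is to surface
    the KEV-listed ones, which carry a hard remediation deadline."""
    now = date.fromisoformat(today)
    findings = []
    for host, cves in assets.items():
        for cve in cves:
            entry = kev.get(cve)
            if entry is None:
                continue
            due = date.fromisoformat(entry["dueDate"])
            days_left = (due - now).days
            findings.append({
                "host": host,
                "cve": cve,
                "vendor": entry["vendorProject"],
                "due_date": entry["dueDate"],
                "days_left": days_left,
                "status": "overdue" if days_left < 0 else "open",
                "required_action": entry["requiredAction"],
            })
    # Negative days_left (overdue) sorts first; ties break on host name.
    findings.sort(key=lambda f: (f["days_left"], f["host"]))
    return findings


def report(findings: list) -> str:
    """Render findings one per line, suitable for a ticket or a daily digest."""
    lines = []
    for f in findings:
        lines.append(
            f'{f["status"]:8} {f["cve"]:15} {f["host"]:14} '
            f'due {f["due_date"]} ({f["days_left"]:+d} days)  {f["required_action"]}'
        )
    return "\n".join(lines)


if __name__ == "__main__":
    catalog = load_kev(KEV_FEED_JSON)
    print(report(prioritize(ASSETS, catalog, date.today().isoformat())))
```

To run this against the real catalog, replace `KEV_FEED_JSON` with the body of https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json and feed `ASSETS` from your scanner export; the catalog is keyed by CVE ID, so matching is exact and any CVE absent from the feed is simply not a KEV item yet.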
