NCSC Anticipates Ongoing Ties with CISA During Trump Era

CISA Adds Mitel and Oracle Vulnerabilities to Exploited List

CISA Adds Critical Vulnerabilities to KEV Catalog: What You Need to Know

On January 7, the Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) catalog, adding three significant security flaws that pose serious risks to organizations. Among these, two vulnerabilities target the Mitel MiCollab communications platform, while the third concerns Oracle WebLogic Server, a widely used application server. The most critical of these is CVE-2024-41713, a path traversal vulnerability that could allow attackers to gain unauthorized access, emphasizing the urgent need for organizations to strengthen their cybersecurity measures.

Overview of Newly Added Vulnerabilities

CISA’s latest update includes the following vulnerabilities:

  • CVE-2024-41713 (Mitel MiCollab): Rated critical with a CVSS score of 9.1, this vulnerability allows unauthenticated attackers to potentially access the entire unified communications infrastructure.
  • CVE-2024-55550 (Mitel MiCollab): This vulnerability has a CVSS score of 4.4 and, while less severe, can lead to greater system compromise when exploited alongside other vulnerabilities.
  • CVE-2020-2883 (Oracle WebLogic Server): Though patched in April 2020, this bug remains a significant threat, allowing unauthenticated attackers to take control of affected servers through specific network protocols.

Risks Associated with Mitel MiCollab Vulnerabilities

According to Sarah Jones, a cyber threat intelligence research analyst at Critical Start, CVE-2024-41713 is particularly alarming due to its potential for exploitation without any authentication requirements. This vulnerability opens the door for attackers to compromise systems, exfiltrate sensitive data, and move laterally within networks.

Jones also highlighted the risks posed by CVE-2024-55550. While it requires administrative privileges to exploit, it allows attackers to read sensitive local files due to insufficient input sanitization.

The Ongoing Threat of Oracle WebLogic Server Vulnerability

The vulnerability CVE-2020-2883 in Oracle WebLogic Server is troubling because, despite being patched, the methods to exploit it are well-known and documented. This age of the vulnerability raises concerns about its potential for misuse by threat actors who can access affected servers remotely.

Recommended Actions for Organizations

To safeguard against these vulnerabilities, organizations should adopt a multi-layered defense strategy. Here are immediate actions recommended by cybersecurity experts:

  1. Emergency Patch: Ensure that all affected Mitel MiCollab systems are promptly patched.
  2. Deploy Web Application Firewall Rules: Implement rules to filter path traversal attempts.
  3. Verify Oracle WebLogic Server Installations: Confirm that all installations are up-to-date and patched against CVE-2020-2883.

Conclusion and Call to Action

With the addition of these critical vulnerabilities to CISA’s KEV catalog, it is crucial for organizations to take swift action to protect their systems. Stay informed about the latest cybersecurity threats and best practices. If you have thoughts on this topic or want to read more articles about cybersecurity, feel free to share your comments below. For further reading, check out CISA’s official resources and explore related cybersecurity measures on our site.

Share it

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *