Open Nav
Sign Up

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA Adds Six Known Exploited Vulnerabilities to Catalog

Bar Refael

January 9, 2024

CISA has recently expanded its Known Exploited Vulnerabilities Catalog with six new vulnerabilities. These vulnerabilities, actively exploited, pose significant risks and require immediate attention for mitigation.

Detailed Vulnerability Analysis and Mitigation Strategies:

  • CVE-2023-38203 – Adobe ColdFusion Deserialization of Untrusted Data Vulnerability
    • Description: This vulnerability involves unsafe deserialization in Adobe ColdFusion, potentially allowing remote code execution.
    • Mitigation: Update to the latest Adobe ColdFusion version, ensure all patches are applied, and validate inputs rigorously to prevent deserialization attacks.
  • CVE-2023-29300 – Adobe ColdFusion Deserialization of Untrusted Data Vulnerability
    • Description: Similar to CVE-2023-38203, this vulnerability in Adobe ColdFusion could allow attackers to execute arbitrary code remotely.
    • Mitigation: Apply the latest patches provided by Adobe, conduct regular security audits of the ColdFusion environment, and employ application firewalls.
  • CVE-2023-27524 – Apache Superset Insecure Default Initialization of Resource Vulnerability
    • Description: This vulnerability in Apache Superset leads to insecure default initialization, making it prone to unauthorized access.
    • Mitigation: Update Apache Superset to a version where this flaw is fixed. Change default settings and credentials during initial setup.
  • CVE-2023-41990 – Apple Multiple Products Code Execution Vulnerability
    • Description: Affects multiple Apple products and allows for remote code execution, possibly compromising the entire system.
    • Mitigation: Ensure all Apple products are updated to their latest versions. Enable automatic updates and frequently monitor for security updates from Apple.
  • CVE-2016-20017 – D-Link DSL-2750B Devices Command Injection Vulnerability
    • Description: An older vulnerability in D-Link DSL-2750B devices that allows for remote command injection, potentially giving full control to an attacker.
    • Mitigation: Update firmware to a secure version. If no update is available, consider replacing the device. Implement network segmentation and firewall rules to restrict access.
  • CVE-2023-23752 – Joomla! (CMS) Improper Access Control Vulnerability
    • Description: This vulnerability in Joomla! leads to improper access control, potentially allowing unauthorized information access or modification.
    • Mitigation: Update Joomla! to the latest version where this issue is resolved. Regularly review user permissions and roles within the Joomla! environment.

Policy Context:

  • Binding Operational Directive (BOD) 22-01: Requires Federal Civilian Executive Branch (FCEB) agencies to remediate these vulnerabilities to protect against active threats.

CISA Recommendations:

  • For FCEB Agencies: Adhere to the timelines set in BOD 22-01 for vulnerability remediation.
  • For All Organizations: Prioritize timely remediation of these vulnerabilities. Regularly update all systems and software, and follow cybersecurity best practices.

The addition of these vulnerabilities to CISA’s catalog highlights the need for ongoing vigilance and proactive cybersecurity measures. Organizations should act swiftly to mitigate these vulnerabilities to enhance their resilience against cyber threats.

Stay safe and informed,

OP Innovate.

Resources highlights

CVE-2026-46817: Critical Oracle E-Business Suite Vulnerability

A critical vulnerability in Oracle E-Business Suite is now being actively exploited in the wild. Tracked as CVE-2026-46817, the flaw affects the File Transmission component…

Read more >

cve-2026-46817-oracle-e-business

Cisco Unified CM Vulnerability CVE-2026-20230 Targeted After Public PoC Disclosure 

Cisco has disclosed and patched CVE-2026-20230, a critical SSRF vulnerability affecting Cisco Unified Communications Manager and Unified CM SME when the WebDialer service is enabled.…

Read more >

CVE-2026-20230

Microsoft Confirms Unpatched RoguePlanet Defender Zero-Day (CVE-2026-50656)

Microsoft has confirmed a new Microsoft Defender zero-day vulnerability tracked as CVE-2026-50656 and publicly referred to as RoguePlanet. The flaw affects the Microsoft Malware Protection…

Read more >

RoguePlanet_cve-2026-50656

FortiBleed Campaign Exposes Fortinet Firewall and VPN Credentials at Scale

A large-scale credential abuse campaign dubbed FortiBleed has reportedly affected tens of thousands of Fortinet firewall and VPN devices worldwide. Public reporting indicates that threat…

Read more >

fortibleed

Fortinet FortiSandbox Under Active Attack (CVE-2026-39813 & Others)

Threat actors are actively exploiting multiple critical vulnerabilities affecting Fortinet FortiSandbox. The reported activity involves three unauthenticated vulnerabilities: CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089. These flaws are…

Read more >

cve-2026-39813

Critical Wazuh Manager Vulnerability Enables Alert Tampering and Security Evidence Deletion

A critical vulnerability has been disclosed in Wazuh Manager that could allow attackers to tamper with security data, delete alerts, and manipulate forensic evidence stored…

Read more >

wazuh manager vulnerability
Under Cyber Attack?

Fill out the form and we will contact you immediately.