Critical breakthroughs in 2024: new threats to Adobe, SolarWinds, and VMware

On July 17, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) added three new critical vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The vulnerabilities affect Adobe Commerce and Magento Open Source (CVE-2024-34102), SolarWinds Serv-U (CVE-2024-28995), and VMware vCenter Server (CVE-2022-22948). These flaws represent preferred entry points for malicious actors and pose a significant risk to federal infrastructure. CISA urged all organizations, not just Federal Civilian Executive Branch (FCEB) agencies subject to Binding Operational Directive BOD 22-01, to promptly patch these vulnerabilities to mitigate cyber threats.

Addition of a critical vulnerability

On July 15, 2024, a new critical vulnerability was listed in CISA's Known Exploited Vulnerabilities Catalog, following evidence of active exploitation. This isCVE-2024-36401 , which affects OSGeo GeoServer GeoTools and involves an Eval Injection vulnerability. The inclusion of this threat highlights the importance of continuous monitoring and proactive management of cyber vulnerabilities. Known and actively exploited vulnerabilities represent a high risk and require immediate and specific interventions to protect both federal and non-federal infrastructure.

Advisory on industrial control systems

On July 16, 2024, CISA published an advisory regarding industrial control systems (ICS) with technical details and mitigation measures. Among these, advisory ICSA-24-198-01 focuses on Rockwell Automation Pavilion 8. ICS advisories are essential to protect critical infrastructure, which is critical to various industries such as energy, water, transportation and manufacturing. CISA encourages users and administrators to review the new advisories to understand the vulnerabilities and apply appropriate security measures to prevent potential exploits.

Importance of proactive vulnerability management

CISA's updates to its vulnerability catalog and release of industrial control systems advisories highlight the importance of proactive vulnerability management for protecting critical infrastructure. Organizations must prioritize fixing known vulnerabilities to protect their networks from cyber attacks. Staying up to date on the latest threats and applying available patches promptly is crucial to maintaining a secure environment and reducing the attack surface. Vulnerability management is not only a technical issue, but also an indispensable security strategy to prevent cyber incidents.