Release Date: September 17, 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on confirmed evidence of active exploitation. These vulnerabilities, all associated with Adobe Flash Player, are frequent targets for cyberattacks and pose significant risks to federal agencies and organizations relying on vulnerable systems.
The newly added vulnerabilities are:
These vulnerabilities, which have long been a part of the attack arsenal of malicious actors, can lead to serious compromises, including unauthorized access, data theft, and the execution of malicious code. For organizations, these flaws represent critical entry points for cyberattacks that could disrupt operations or compromise sensitive information.
CISA's action is in line with Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, which mandates that Federal Civilian Executive Branch (FCEB) agencies take steps to remediate these vulnerabilities by a specific due date. BOD 22-01 created the Known Exploited Vulnerabilities Catalog as a dynamic list of Common Vulnerabilities and Exposures (CVEs) that present serious risks to federal agencies and networks.
Although BOD 22-01 applies directly to FCEB agencies, CISA strongly advises all organizations to take immediate action to reduce their risk of cyberattacks by prioritizing the remediation of vulnerabilities included in the catalog. By addressing these vulnerabilities, organizations can strengthen their defenses and reduce the likelihood of exploitation by malicious actors.