Advertisement
Top
image credit: Unsplash

CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required

April 10, 2023

Via: The Hacker News
Category:

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.

This includes three high-severity flaws in the Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) that could lead to the execution of privileged commands on the underlying system. The flaws were fixed in a patch released by Veritas in March 2021.

  • CVE-2021-27876 (CVSS score: 8.1) – Veritas Backup Exec Agent File Access Vulnerability
  • CVE-2021-27877 (CVSS score: 8.2) – Veritas Backup Exec Agent Improper Authentication Vulnerability
  • CVE-2021-27878 (CVSS score: 8.8) – Veritas Backup Exec Agent Command Execution Vulnerability

Read More on The Hacker News

RELATED PUBLICATIONS

The importance of the Vulnerability Operations Centre for cybersecurity
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Are passwordless systems the future of authentication?

Latest Publications

Russian hackers target EU countries using a simple Microsoft Outlook security flaw
Finland authorities warn of Android malware campaign targeting bank users
Chinese government website security is often worryingly bad, say Chinese researchers
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!