Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Vulnerabilities & Exploits » CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation

CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation

CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation

https://firewall.firm.in/wp-content/uploads/2024/12/software.png

Dec 24, 2024Ravie LakshmananVulnerability / Software Security

Acclaim USAHERDS Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild.

The vulnerability in question is CVE-2021-44207 (CVSS score: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that could allow an attacker to ultimately execute arbitrary code on susceptible servers.

Specifically, it concerns the use of static ValidationKey and DecryptionKey values in version 7.4.0.1 and prior that could be weaponized to achieve remote code execution on the server that runs the application. That said, an attacker would have to leverage some other means to obtain the keys in the first place.

“These keys are used to provide security for the application ViewState,” Google-owned Mandiant said in advisory for the flaw back in December 2021. “A threat actor with knowledge of these keys can trick the application server into deserializing maliciously crafted ViewState data.”

Cybersecurity

“A threat actor with knowledge of the validationKey and decryptionKey for a web application can construct a malicious ViewState that passes the MAC check and will be deserialized by the server. This deserialization can result in the execution of code on the server.”

While there are no new reports of CVE-2021-44207 being weaponized in real-world attacks, the vulnerability was identified as being abused by the China-linked APT41 threat actor back in 2021 as a zero-day as part of attacks targeting six U.S. state government networks.

Federal Civilian Executive Branch (FCEB) agencies are recommended to apply vendor-provided mitigations by January 13, 2025, to safeguard their networks against active threats.

The development comes as Adobe warned of a critical security flaw in ColdFusion (CVE-2024-53961, CVSS score: 7.8), which it said already has a known proof-of-concept (PoC) exploit that could cause an arbitrary file system read.

The vulnerability has been addressed in ColdFusion 2021 Update 18 and ColdFusion 2023 Update 12. Users are advised to apply the patches as soon as possible to mitigate potential risks.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.


Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

Juniper Firewall
Cisco Firewall
Checkpoint Firewall
paloalto Firewall
Fortinet Firewall
Forcepoint Firewall

 

Sophos Firewall
WatchGuard Firewall
Barracuda Firewall
Sonicwall Firewall
GajShield Firewall
Seqrite Firewall

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket

Firewall Firm is a Managed Firewall Security Solution Provider Company in India | Digital Marketing by SEO Company India | Powered by IT Monteur