The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added several vulnerabilities to its Known Exploited Vulnerabilities catalog. Among the newly listed vulnerabilities are those affecting D-Link DIR-820 Router, DrayTek Multiple Vigor Routers, Motion Spell GPAC, and SAP Commerce Cloud.
These vulnerabilities, including OS command injection and null pointer dereference issues, pose significant security risks and require immediate attention from federal agencies and private organizations alike. CVE-2023-25280, for instance, is an OS command injection vulnerability in the D-Link DIR-820 router that has been exploited by variants of the Mirai botnet targeting multiple flaws in IoT devices.
Similarly, CVE-2020-15415 affects DrayTek routers and is also exploited by bot variants targeting IoT devices. Other newly listed vulnerabilities include CVE-2021-4043, which relates to Motion Spell GPAC, and CVE-2019-0344 for SAP Commerce Cloud, both of which can lead to serious security breaches if left unaddressed. CISA has mandated that federal agencies remediate these vulnerabilities by October 21, 2024, under Binding Operational Directive 22-01, which aims to reduce the risks associated with known vulnerabilities.
Experts are also urging private organizations to review the catalog and take the necessary steps to protect their networks. Failure to address these vulnerabilities could leave systems open to exploitation by cybercriminals, increasing the risk of attacks. With the rise in attacks targeting known vulnerabilities, it is crucial for all organizations to stay informed and proactive in their cybersecurity efforts.
By implementing appropriate measures to mitigate these risks, organizations can better safeguard their networks and sensitive information from potential threats. CISA’s updated catalog serves as an essential resource for identifying and addressing these critical security issues.
Reference:
- https://www.cisa.gov/news-events/alerts/2024/09/30/cisa-adds-four-known-exploited-vulnerabilities-catalog