The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken action by including a critical vulnerability in Microsoft Streaming Service, identified as CVE-2023-29360, in its Known Exploited Vulnerabilities catalog. With a CVSS Score of 8.4, the vulnerability poses a significant risk as it allows attackers to exploit an untrusted pointer dereference, potentially gaining SYSTEM privileges. Thomas Imbert from Synacktiv made the discovery through the Trend Micro Zero Day Initiative, emphasizing the importance of collaboration in identifying and addressing such threats.
The availability of proof-of-concept (PoC) codes for this vulnerability has enabled multiple threat actors to incorporate malicious code into their attack chains. Notably, analysis of Raspberry Robin samples prior to October 2023 revealed the exploitation of CVE-2023-29360, linking the vulnerability to actual cyber threats. The public disclosure of the exploit in June led to its utilization by Raspberry Robin in August, underlining the urgency of addressing such vulnerabilities promptly.
In response to the identified risks, the Binding Operational Directive (BOD) 22-01 urges Federal Civilian Executive Branch (FCEB) agencies to address vulnerabilities listed in the Known Exploited Vulnerabilities catalog by the specified due date. This directive aims to enhance network security and protect against potential attacks exploiting the documented flaws. Cybersecurity experts also recommend that private organizations review the catalog and proactively address vulnerabilities within their infrastructure to mitigate the risk of exploitation.
