[CISA-2024:0821] CISA Adds 4 Known Exploited Vulnerabilities to Catalog

Severity Critical

CVEs 4

CISA has added 4 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

[CVE-2021-31196] Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.

Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Known To Be Used in Ransomware Campaigns?: Unknown
Vendor: Microsoft
Product: Exchange Server
Due Date: Wed Sep 11 00:00:00 2024
Notes: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-31196; https://nvd.nist.gov/vuln/detail/CVE-2021-31196

[CVE-2021-33044] Dahua IP Camera Authentication Bypass Vulnerability

Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication.

Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Known To Be Used in Ransomware Campaigns?: Unknown
Vendor: Dahua
Product: IP Camera Firmware
Due Date: Wed Sep 11 00:00:00 2024
Notes: https://www.dahuasecurity.com/aboutUs/trustedCenter/details/582; https://nvd.nist.gov/vuln/detail/CVE-2021-33044

[CVE-2021-33045] Dahua IP Camera Authentication Bypass Vulnerability

Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.

Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Known To Be Used in Ransomware Campaigns?: Unknown
Vendor: Dahua
Product: IP Camera Firmware
Due Date: Wed Sep 11 00:00:00 2024
Notes: https://www.dahuasecurity.com/aboutUs/trustedCenter/details/582; https://nvd.nist.gov/vuln/detail/CVE-2021-33045

[CVE-2022-0185] Linux Kernel Heap-Based Buffer Overflow Vulnerability

Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a filesystem that does not support the Filesystem Context API and ultimately escalate privileges.

Action Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Known To Be Used in Ransomware Campaigns?: Unknown
Vendor: Linux
Product: Kernel
Due Date: Wed Sep 11 00:00:00 2024
Notes: This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=722d94847de2; https://nvd.nist.gov/vuln/detail/CVE-2022-0185