Decoding CISA Known Exploited Vulnerabilities

CSW's Threat Intelligence - December 26, 2022 - December 30, 2022

Posted on Dec 27, 2022 | Updated on Dec 30, 2022 | By Supriya Aluri

This edition brings you early warnings, trending news about cyber threats, and accurate threat context. Check out which threat group is on the rampage, what vulnerability it could soon weaponize, and more.

Why play catch up when you can fix this now?

 

Trending Threats

Attackers are Actively Exploiting a WordPress Vulnerability

CVE-2022-45359 is a vulnerability in YITH WooCommerce Gift Cards Premium, a WordPress plugin. When exploited, it can allow unauthenticated attackers to upload files to vulnerable sites, including web shells that provide full access to the site. Attackers are currently uploading backdoors to the sites, obtaining remote code execution, and performing takeover attacks. The YITH WooCommerce plugin is used on more than 50,000 websites, and many of its customers could be impacted by this attack campaign.

WordPress has already released a security update in plugin version 3.21.0. All WordPress customers are advised to update to this version at the earliest opportunity.

 

CISA Adds Old TIBCO Vulnerabilities to the KEV

On 29 Dec 2022, CISA added to the KEV catalog CVEs from 2018 that affect TIBCO Software's JasperReports product, a Java-based reporting and data analytics platform for creating, distributing, and managing reports and dashboards.

CVE-2018-18809 is a directory traversal vulnerability in the JasperReports Library that could permit web server users to access sensitive files on the host. It can also allow an attacker to steal credentials and break into other systems. TIBCO patched it in March 2019.

 

CVE-2018-5430 is an information disclosure bug in the server component that could enable an authenticated user to gain read-only access to arbitrary files, including key configurations. It was fixed in April 2018.

 

All Federal agencies in the U.S. are required to patch these vulnerabilities by January 19, 2023.
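To turn a KEV addition like this into a remediation queue, the following added example (not CSW's or CISA's code) matches KEV entries against an asset inventory and ranks the hits by due date. The catalog excerpt is constructed in the KEV JSON feed's field layout from the values quoted above; the product strings, host names and inventory are assumptions.

```python
import json
from datetime import date

# Constructed excerpt in the field layout of CISA's KEV JSON feed; the values
# are the ones quoted in this post (product strings are assumptions).
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2018-18809", "vendorProject": "TIBCO",
   "product": "JasperReports Library",
   "dateAdded": "2022-12-29", "dueDate": "2023-01-19"},
  {"cveID": "CVE-2018-5430", "vendorProject": "TIBCO",
   "product": "JasperReports Server",
   "dateAdded": "2022-12-29", "dueDate": "2023-01-19"}
]}
""")

# Hypothetical asset inventory: (host, vendor, product as recorded locally).
INVENTORY = [
    ("report01.example.internal", "tibco", "jasperreports server"),
    ("build07.example.internal", "TIBCO", "JasperReports Library"),
    ("web03.example.internal", "Apache", "HTTP Server"),
]

def triage(catalog, inventory, today):
    """Match KEV entries to inventory rows and rank them by remediation due date."""
    findings = []
    for vuln in catalog["vulnerabilities"]:
        vendor = vuln["vendorProject"].casefold()
        product = vuln["product"].casefold()
        due = date.fromisoformat(vuln["dueDate"])
        for host, inv_vendor, inv_product in inventory:
            # Case-insensitive exact match; real inventories usually need
            # a normalisation table (CPE or internal product IDs) instead.
            if inv_vendor.casefold() == vendor and inv_product.casefold() == product:
                days_left = (due - today).days
                findings.append({
                    "host": host, "cve": vuln["cveID"], "due": due,
                    "days_left": days_left,
                    "status": "OVERDUE" if days_left < 0 else "OPEN",
                })
    # Most urgent first; ties are broken by host name for stable output.
    return sorted(findings, key=lambda f: (f["days_left"], f["host"]))

if __name__ == "__main__":
    for f in triage(KEV_SAMPLE, INVENTORY, date(2022, 12, 30)):
        print(f'{f["status"]:8} {f["due"]} ({f["days_left"]:+d}d) {f["cve"]} {f["host"]}')
```

Pointing `triage` at the full downloaded catalog instead of `KEV_SAMPLE` works unchanged, since it only reads the `vulnerabilities` list and the fields shown.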

 

We use our threat intelligence platform driven by Artificial Intelligence (AI) and Machine Learning (ML) models to analyze the vulnerabilities that hackers could potentially exploit. We warn our customers continuously about exposures and prioritize vulnerabilities to facilitate rapid remediation.

 

Follow our weekly blog and podcast to get proactive alerts on trending threats. Reach out to us if you need help managing your vulnerabilities and exposures.

Leverage our expertise and manage your threats continuously to stay safe from attackers.
