Friday, July 3, 2026
CISA urges orgs to patch actively exploited Windows SeriousSAM bug

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added another 15 security issues actively used in cyberattacks to its catalog of vulnerabilities.

CISA’s warning about these vulnerabilities serves as a wake-up call to all system administrators that they need to prioritize installing security updates to protect their organizations’ networks.

Failing to do so turns the company into a target for threat actors, who could breach digital premises, compromise data or gain access to sensitive accounts.

Among the new security flaws CISA added to the catalog of actively exploited bugs, CVE-2021-36934 is the one that stands out. This is a Microsoft Windows SAM (Security Accounts Manager) vulnerability that allows anyone to access the Registry database files on Windows 10 and 11, extract password hashes and gain administrator privileges.

Microsoft fixed this flaw in July 2021, but seven months later there is still a large number of systems that need to install the update. Workarounds for this vulnerability are also available.
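A read-only host audit for the condition described above, as an added example that is not part of the original article or of CISA's or Microsoft's guidance. It assumes an elevated PowerShell session and relies on two points from Microsoft's advisory for CVE-2021-36934: the flaw stems from overly permissive ACLs on the hive files under `%windir%\System32\config`, and shadow copies created before the fix keep exposing those files until they are deleted.

```powershell
# Added example: read-only audit for the CVE-2021-36934 condition on the local host.
# Assumption: run elevated, so ACLs and shadow copies are readable on fixed systems too.

$usersSid = 'S-1-5-32-545'   # well-known SID of BUILTIN\Users (avoids localized names)
$readBit  = [System.Security.AccessControl.FileSystemRights]::ReadData
$hives    = 'SAM', 'SYSTEM', 'SECURITY'

$findings = foreach ($name in $hives) {
    $path = Join-Path $env:windir "System32\config\$name"
    try {
        $acl = Get-Acl -LiteralPath $path -ErrorAction Stop
    } catch {
        Write-Warning "Cannot read ACL on ${path}: $($_.Exception.Message)"
        continue
    }

    # Resolve every rule (explicit and inherited) to a SID before comparing.
    $rules = $acl.GetAccessRules($true, $true,
        [System.Security.Principal.SecurityIdentifier])

    $exposed = $rules | Where-Object {
        $_.IdentityReference.Value -eq $usersSid -and
        $_.AccessControlType -eq 'Allow' -and
        ($_.FileSystemRights -band $readBit)
    }

    [pscustomobject]@{
        Path         = $path
        UsersCanRead = [bool]$exposed
    }
}

# Shadow copies taken while the ACL was permissive still carry readable hives.
$shadows = @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction SilentlyContinue)

$findings | Format-Table -AutoSize
"Volume shadow copies present: $($shadows.Count)"
$shadows | Select-Object ID, VolumeName, InstallDate | Format-Table -AutoSize

if ($findings | Where-Object UsersCanRead) {
    Write-Warning 'BUILTIN\Users can read a registry hive file: host is exposed.'
} elseif ($shadows.Count -gt 0) {
    Write-Warning 'Live ACLs look correct; review shadow copies that predate the fix.'
}
```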

The 15 flaws highlighted this time are a mix of old and new, ranging from 2014 to 2021, as detailed in the table below.

| CVE ID | Description | Patch Deadline |
|---|---|---|
| CVE-2021-36934 | Microsoft Windows SAM Local Privilege Escalation Vulnerability | 2/24/2022 |
| CVE-2020-0796 | Microsoft SMBv3 Remote Code Execution Vulnerability | 8/10/2022 |
| CVE-2018-1000861 | Jenkins Stapler Web Framework Deserialization of Untrusted Data | 8/10/2022 |
| CVE-2017-9791 | Apache Struts 1 Improper Input Validation Vulnerability | 8/10/2022 |
| CVE-2017-8464 | Microsoft Windows Shell (.lnk) Remote Code Execution | 8/10/2022 |
| CVE-2017-10271 | Oracle Corporation WebLogic Server Remote Code Execution | 8/10/2022 |
| CVE-2017-0263 | Microsoft Win32k Privilege Escalation Vulnerability | 8/10/2022 |
| CVE-2017-0262 | Microsoft Office Remote Code Execution Vulnerability | 8/10/2022 |
| CVE-2017-0145 | Microsoft SMBv1 Remote Code Execution Vulnerability | 8/10/2022 |
| CVE-2017-0144 | Microsoft SMBv1 Remote Code Execution Vulnerability | 8/10/2022 |
| CVE-2016-3088 | Apache ActiveMQ Improper Input Validation Vulnerability | 8/10/2022 |
| CVE-2015-2051 | D-Link DIR-645 Router Remote Code Execution | 8/10/2022 |
| CVE-2015-1635 | Microsoft HTTP.sys Remote Code Execution Vulnerability | 8/10/2022 |
| CVE-2015-1130 | Apple OS X Authentication Bypass Vulnerability | 8/10/2022 |
| CVE-2014-4404 | Apple OS X Heap-Based Buffer Overflow Vulnerability | 8/10/2022 |

Of the rest, CVE-2020-0796 is another critical security flaw on CISA’s list that admins should address. The bug received the maximum severity score. It consists of erroneous handling of maliciously crafted compressed data packets by SMBv3, and it can be exploited to achieve remote code execution.

The flaw can accommodate “wormable” attacks, which means that a threat actor could compromise large networks quicker and with less effort.

Back in March 2020, there were at least 48,000 systems vulnerable to CVE-2020-0796, but, as underlined by CISA’s latest report, the problem continues to persist on many systems.

CISA also added CVE-2015-2051, a remote code execution bug affecting D-Link DIR-645 routers that continues to deliver for attackers.

The most recent reports of exploitation for this particular vulnerability date from November 2021, when the BotenaGo botnet targeted millions of IoT devices and routers via a set of 33 known exploits, including CVE-2015-2051.

CISA’s list of exploited vulnerabilities is a constant reminder for organizations to deal with old and no longer supported hardware that is present in sensitive parts of the network, since adversaries don’t care how old a vulnerability is as long as it gets them in.

With the addition of the 15 flaws above, CISA’s Known Exploited Vulnerabilities Catalog now lists 367 security vulnerabilities.