Trending

ee-track">
Link copied!

CISA Adds New Vulnerabilities to Known Exploited Vulnerabilities Catalog – Critical Updates Required 

ISA updates the Known Exploited Vulnerabilities Catalog with critical flaws, adding CVE-2024-45195, CVE-2024-29059, CVE-2018-9276, and CVE-2018-19410.

February 5, 2025 · 4 min read
CISA Adds New Vulnerabilities to Known Exploited Vulnerabilities Catalog – Critical Updates Required 

Overview 

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added four vulnerabilities to its Known Exploited Vulnerabilities Catalog. These vulnerabilities, identified in widely-used software products, have been actively exploited by cyber attackers.  

With these updates, CISA highlights the importance of addressing these flaws promptly to mitigate the risks they pose, particularly to federal enterprises and other critical infrastructure sectors. The newly added vulnerabilities include CVE-2024-45195, CVE-2024-29059, CVE-2018-9276, and CVE-2018-19410, all of which could have severe consequences for the security of affected systems. 

Detailed List of Vulnerabilities Highlighed in the Known Exploited Vulnerabilities Catalog 

CVE-2024-45195: Apache OFBiz Forced Browsing Vulnerability 

The first of the vulnerabilities, CVE-2024-45195, relates to a flaw in Apache OFBiz, an open-source enterprise resource planning (ERP) and e-commerce solution. This vulnerability is a forced browsing issue, where attackers can gain unauthorized access to certain parts of a website by bypassing security restrictions through direct URL requests. The flaw was discovered in Apache OFBiz versions before 18.12.16, and users are advised to upgrade to this version or later to mitigate the threat. 

The vulnerability can allow attackers to gain unauthorized access to sensitive data by leveraging weak authorization mechanisms. It is listed in the CISA Known Exploited Vulnerabilities Catalog due to active exploitation, with evidence showing malicious actors targeting vulnerable systems to escalate privileges.  

CVE-2024-29059: Microsoft .NET Framework Information Disclosure 

The second addition, CVE-2024-29059, is a critical information disclosure vulnerability affecting Microsoft .NET Framework. This flaw can allow attackers to access sensitive information stored within the system by exploiting weaknesses in error handling. With a CVSS score of 7.5 (High), this vulnerability is serious and can be exploited by attackers to access privileged information in systems running older versions of .NET Framework, specifically 4.8, 3.5, and 4.7.2. 

The impact of this vulnerability is widespread, affecting Windows 10 and Windows Server versions, making it a concern for organizations relying on these platforms. The flaw is also listed in CISA’s Known Exploited Vulnerabilities Catalog, reinforcing its immediate need for attention and patching to prevent potential breaches. 

CVE-2018-9276: Paessler PRTG Network Monitor OS Command Injection 

Another critical vulnerability is CVE-2018-9276, a command injection flaw discovered in PRTG Network Monitor versions prior to 18.2.39. This vulnerability allows attackers with administrator privileges on the system to inject operating system commands into the network monitor system. By sending malformed parameters to the system, attackers can execute arbitrary commands both on the server and on networked devices. 

PRTG Network Monitor is widely used for IT network monitoring, and an attacker exploiting this flaw could gain complete control over the system and its connected infrastructure. This vulnerability has been identified as a significant attack vector for malicious actors, potentially compromising entire networks. Users of affected versions must update their software to address this flaw. 

CVE-2018-19410: Paessler PRTG Network Monitor Local File Inclusion 

Another vulnerability in PRTG Network Monitor, CVE-2018-19410, involves a Local File Inclusion (LFI) issue, which allows unauthenticated attackers to bypass security mechanisms and escalate privileges. Attackers exploiting this flaw can create users with read-write privileges, including administrator-level access, by crafting malicious HTTP requests. This vulnerability has been confirmed to affect PRTG versions before 18.2.40.1683. 

Once exploited, this flaw can lead to severe compromises in the security of networked systems by allowing attackers to perform unauthorized actions, such as adding new administrative users and accessing sensitive data. CISA included this vulnerability in its Known Exploited Vulnerabilities Catalog after determining that it was actively being targeted by cybercriminals. 

Conclusion  

The vulnerabilities identified by CISA, such as CVE-2024-45195, CVE-2024-29059, CVE-2018-9276, and CVE-2018-19410, highlights the ongoing cybersecurity trends particularly in the vulnerability space. Organizations are encouraged to regularly monitor for updates and patch their systems without delay.  

Additionally, Cyble offers a powerful AI-driven threat intelligence platform that helps organizations stay protected of cybercriminals by providing continuous monitoring, actionable insights, and timely alerts about vulnerabilities and cyber risks. With its cutting-edge technologies like Cyble Vision, Cyble empowers businesses, federal agencies, and individuals to strengthen their cybersecurity posture.  

By leveraging Cyble’s tools for vulnerability management, dark web monitoring, and attack surface management, organizations can better protect sensitive data and critical infrastructure from exploitation.  

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams