The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog, adding several critical vulnerabilities that pose significant risks to both public and private sectors. The latest additions include flaws in Microsoft Windows and Rejetto HTTP File Server, which have been identified as high-priority threats.

Newly Added Vulnerabilities

The newly added vulnerabilities are:

  • CVE-2024-23692: This vulnerability, with a CVSS score of 9.8, affects Rejetto HTTP File Server up to version 2.3m. It is a template injection flaw that allows remote, unauthenticated attackers to execute arbitrary commands on the affected system by sending specially crafted HTTP requests.
  • CVE-2024-38080: With a CVSS score of 7.8, this elevation of privilege vulnerability impacts Windows Hyper-V. Successful exploitation could enable attackers to gain SYSTEM privileges.
  • CVE-2024-38112: This Windows MSHTML Platform Spoofing Vulnerability has a CVSS score of 7.5. Exploiting this flaw requires attackers to take additional preparatory actions before sending a malicious file to victims, who would then need to execute it.

The inclusion of these vulnerabilities in the KEV catalog underscores their potential for exploitation and the urgency for remediation.

Implications for Federal and Private Sectors

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, Federal Civilian Executive Branch (FCEB) agencies are mandated to address these vulnerabilities by the specified due date to safeguard their networks. CISA has set a deadline of July 30, 2024, for federal agencies to fix these vulnerabilities.

Private organizations are also strongly advised to review the KEV catalog and address these vulnerabilities within their infrastructure. Failure to do so could leave critical systems exposed to potential attacks, leading to severe operational disruptions and data breaches.

Recent Additions and Expert Recommendations

Last week, CISA added another critical vulnerability to its KEV catalog: the Cisco NX-OS Command Injection Vulnerability (CVE-2024-20399). This addition highlights the ongoing efforts by CISA to keep the KEV catalog updated with the most pressing cybersecurity threats.

Cybersecurity experts recommend that both public and private entities prioritize the remediation of these vulnerabilities. Regularly updating security protocols and conducting thorough vulnerability assessments can significantly reduce the risk of exploitation.

For more updates on cybersecurity threats and best practices, follow Pierluigi Paganini on Twitter: @securityaffairs, Facebook, and Mastodon.

What is the difference between Microsoft Windows 11 Home and Pro?

The primary differences between Microsoft Windows 11 Home and Pro include features related to business and security. Windows 11 Pro offers advanced features such as BitLocker device encryption, remote desktop access, Hyper-V for virtualization, and enhanced security through Windows Information Protection. Additionally, Windows 11 Pro supports joining a domain or Azure Active Directory, essential for enterprise environments, whereas Windows 11 Home is tailored more for consumer use.

What are examples of RBAC as used in Microsoft Windows?

Role-Based Access Control (RBAC) in Microsoft Windows is used to restrict system access to authorized users. Examples include setting up Active Directory roles such as 'Domain Administrator,' 'Account Operator,' and 'Backup Operator,' which grant varying levels of permissions based on the role assigned. Users can also be assigned specific permissions for file and folder access through NTFS permissions, enabling fine-grained control over user activities and access to resources in a Windows environment.