Security News > 2024 > December > CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
2024-12-17 05:47

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is below - CVE-2024-20767 (CVSS score: 7.4) - Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted


News URL

https://thehackernews.com/2024/12/cisa-and-fbi-raise-alerts-on-exploited.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-03-18 CVE-2024-20767 Unspecified vulnerability in Adobe Coldfusion 2021/2023
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read.
network
high complexity
adobe
7.4
7.4