Security News > 2024 > December > CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation

CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
2024-12-24 09:25

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2021-44207 (CVSS score: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that


News URL

https://thehackernews.com/2024/12/cisa-adds-acclaim-usaherds.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-12-21 CVE-2021-44207 Use of Hard-coded Credentials vulnerability in Acclaimsystems Usaherds
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.
network
high complexity
acclaimsystems CWE-798
8.1