Security News > 2024 > December > CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
2024-12-24 09:25
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2021-44207 (CVSS score: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that
News URL
https://thehackernews.com/2024/12/cisa-adds-acclaim-usaherds.html
Related news
- CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation (source)
- CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks (source)
- Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability (source)
- CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 (source)
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- Ransomware criminals love CISA's KEV list – and that's a bug, not a feature (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-21 | CVE-2021-44207 | Use of Hard-coded Credentials vulnerability in Acclaimsystems Usaherds Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. | 8.1 |