Security News > 2024 > December > CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
2024-12-24 09:25
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2021-44207 (CVSS score: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that
News URL
https://thehackernews.com/2024/12/cisa-adds-acclaim-usaherds.html
Related news
- CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation (source)
- CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation (source)
- CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation (source)
- Ransomware criminals love CISA's KEV list – and that's a bug, not a feature (source)
- CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List (source)
- Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk (source)
- CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-21 | CVE-2021-44207 | Use of Hard-coded Credentials vulnerability in Acclaimsystems Usaherds Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. | 8.1 |