Security News > 2024 > December > CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
2024-12-24 09:25
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2021-44207 (CVSS score: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that
News URL
https://thehackernews.com/2024/12/cisa-adds-acclaim-usaherds.html
Related news
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released (source)
- Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation (source)
- Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability (source)
- CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel (source)
- Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-21 | CVE-2021-44207 | Use of Hard-coded Credentials vulnerability in Acclaimsystems Usaherds Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. | 8.1 |