CISA Adds Known Exploited Vulnerabilities to Catalog - 20250115003 (#1167)

* Microsoft SharePoint Vulnerability Added in CISA Known Exploits

* Format markdown docs

* Fix format

* Format markdown docs

* Fix format1

* Format markdown docs

* updated Ref No.

* Fix Ref 20241024002

* Format markdown docs

* Rename 20241024001-Microsoft-Sharepoint-Server-Vulnerability.md to 20241024002-Microsoft-Sharepoint-Server-Vulnerability.md

Fix the markdown number

* ServiceNow Advisory

* Format markdown docs

* Update 20241101001

Updated Vulnerability table with vulnerable version information instead of fixed versions to prevent confusion.
Updated Recommendation links to Include both ServiceNow advisory links.

* Format markdown docs

* Paloalto Publishes Critical Advisory

* Format markdown docs

* Update 20241119001

Updated the overview to note this affects any unauthenticated attackers with network access.
Included PAN observed exploitation.

* Format markdown docs

* CISA ICS Advisory

* Format markdown docs

* Update 20241211002

Removed blank row from table.

* Palo Alto Vulnerability Scanner and Exploiter

* Format markdown docs

* Update 20250109002

Changes to reference syntax.

* CISA Known Exploited Vulnerabilities

* Format markdown docs

---------

Co-authored-by: CharlesRN <CharlesRN@users.noreply.github.com>
Co-authored-by: Joshua Hitchen (DGov) <86041569+DGovEnterprise@users.noreply.github.com>
Co-authored-by: JadonWill <117053393+JadonWill@users.noreply.github.com>
Co-authored-by: JadonWill <JadonWill@users.noreply.github.com>
5 people authored Jan 15, 2025
1 parent 524da5f commit ae5e18f
Showing 1 changed file with 21 additions and 0 deletions.
@@ -0,0 +1,21 @@
# CISA Adds Known Exploited Vulnerabilities to Catalog - 20250115003

## Overview

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

## What is the vulnerability?

| CVE | Affected Product |
| ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- |
| [CVE-2024-12686](https://nvd.nist.gov/vuln/detail/CVE-2024-12686) | BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability |
| [CVE-2023-48365](https://nvd.nist.gov/vuln/detail/CVE-2023-48365) | Qlik Sense HTTP Tunneling Vulnerability |
| | |

## What has been observed?

CISA has listed this vulnerabilty in their [Known Exploited Vulnerabilties](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) catalog.

## Recommendation

Due to the report of active exploitation, it is strongly recommended to patch this vulnerability within 2 weeks across all affected platforms as per vendor instructions.
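
Review bot: The "What has been observed?" and "Recommendation" sections say "this vulnerability" in the singular, while the Overview and the table list two CVEs (CVE-2024-12686 and CVE-2023-48365); reword both to "these vulnerabilities" so it is clear the two-week patch window covers the BeyondTrust and the Qlik Sense entries alike. The "What has been observed?" line also misspells "vulnerabilty" and "Vulnerabilties". The table ends with an empty `| | |` row that should be removed. Since the recommendation tells readers to patch "as per vendor instructions", consider linking the relevant vendor advisories next to the NVD links so the instructions are one click away.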
