On January 13, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) announced the inclusion of two new vulnerabilities in its Known Exploited Vulnerabilities Catalog. This catalog is a resource that tracks vulnerabilities actively exploited by cyber attackers, aiming to fortify defenses across federal networks.
The newly added vulnerabilities are documented as CVE-2023-48365, a flaw linked to Qlik Sense that allows HTTP tunneling, and CVE-2024-12686, which pertains to an OS command injection vulnerability in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) tools. These vulnerabilities are not merely technical concerns; they represent significant risks that can be exploited by malicious cyber actors.
"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," stated a spokesperson from CISA, underscoring the critical nature of these threats.

CISA's proactive measures are grounded in the Binding Operational Directive (BOD) 22-01, which was established to mitigate risks associated with known exploited vulnerabilities. This directive requires that Federal Civilian Executive Branch (FCEB) agencies address identified vulnerabilities by designated due dates to safeguard their networks from ongoing threats. Federal agencies are therefore called to action: timely remediation is vital.
"While BOD 22-01 specifically targets FCEB agencies, we strongly urge all organizations to prioritize the remediation of vulnerabilities listed in our catalog," the spokesperson emphasized. This appeal reflects CISA's broader commitment to enhancing national cybersecurity posture.
Federal agencies are not alone in facing these challenges; the vulnerabilities identified can affect various sectors. By fostering an environment of vigilance, CISA encourages organizations of all types to incorporate these urgent fixes into their vulnerability management strategies.
"We will continue adding vulnerabilities to the catalog that meet the specified criteria," the agency reiterated, indicating that this list will evolve alongside the cyber threat landscape.

Organizations are reminded that the dangers posed by these vulnerabilities not only compromise individual entities but can have sweeping consequences for the safety and security of federal networks. By taking proactive steps, agencies can protect their systems, thereby fortifying the country’s cybersecurity defenses against persistent and evolving threats.
As CISA continues to monitor and catalog vulnerabilities, organizations must remain vigilant and responsive to these threats. The call to action is clear: prioritize cybersecurity measures and ensure comprehensive strategies are in place to remediate vulnerabilities promptly, thereby safeguarding both individual and broader federal systems from exploitation.


