The Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added products from Sophos, Oracle, and Microsoft to its Known Exploited Vulnerabilities (KEV) catalog.
In all three cases, CISA's required action is the standard one for KEV entries: apply mitigations per the vendor's instructions, or discontinue use of the product if mitigations are not available. Under Binding Operational Directive 22-01, federal civilian agencies must remediate each KEV entry by the due date CISA assigns to it; CISA urges all other organizations to do the same.
These vulnerabilities affect Microsoft Windows, a Sophos product, and an enterprise middleware product from Oracle. According to CISA, all three have been exploited in the wild, and organizations should take steps to mitigate them immediately.
The first vulnerability is CVE-2023-36584, a security feature bypass in the Mark of the Web (MotW) mechanism in Microsoft Windows. MotW tags files downloaded from the internet so that Windows and Office apply extra scrutiny (SmartScreen warnings, Protected View); bypassing it lets a malicious file open without those protections, which attackers typically chain with a separate payload to run code on the victim's machine. Microsoft fixed this vulnerability in its October 2023 Patch Tuesday updates, so organizations should make sure the latest updates are installed.
The second vulnerability is CVE-2023-1671, a pre-authentication command injection flaw in Sophos Web Appliance (versions prior to 4.3.10.4) that allows an unauthenticated attacker to execute arbitrary code remotely on a vulnerable appliance. Sophos released a patch for this vulnerability in April 2023, so any appliance still in service should be confirmed to be running a fixed version.
A Sophos spokesperson pointed out that more than six months ago, on April 4, the company released an automatic patch to all Sophos Web Appliances, and that in July 2023 it phased out Sophos Web Appliance as previously planned.
The third vulnerability is CVE-2020-2551, which affects the WebLogic Server component of Oracle Fusion Middleware. An unauthenticated attacker with network access to the server over the IIOP protocol can exploit it to take over the WebLogic server. Oracle fixed this vulnerability in its January 2020 Critical Patch Update; organizations should apply the latest CPU and, as a defence in depth, ensure the IIOP and T3 listeners are not reachable from untrusted networks.
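A practical follow-up to an announcement like this is to cross-check your own inventory against the KEV catalog rather than reading the additions by hand. The script below is an added example and not part of the article or of any CISA tooling. It uses the field names of CISA's published JSON feed (normally fetched from https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json), but embeds a constructed excerpt covering only the three CVEs above so that it runs offline; the host names, inventory entries and the reference date are hypothetical.

```python
"""Cross-check an asset inventory against CISA KEV entries.

Added example, not from the article. KEV_SAMPLE is a constructed excerpt
that mirrors the field names of CISA's JSON feed; the INVENTORY hosts are
hypothetical. For real use, replace KEV_SAMPLE with the downloaded feed
(see load_feed) and INVENTORY with your CMDB export.
"""
import json
from datetime import date

# Constructed excerpt of the KEV feed, limited to the three entries discussed above.
KEV_SAMPLE = {
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "vulnerabilities": [
        {"cveID": "CVE-2023-36584", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability",
         "dateAdded": "2023-11-16", "dueDate": "2023-12-07",
         "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2023-1671", "vendorProject": "Sophos", "product": "Web Appliance",
         "vulnerabilityName": "Sophos Web Appliance Command Injection Vulnerability",
         "dateAdded": "2023-11-16", "dueDate": "2023-12-07",
         "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2020-2551", "vendorProject": "Oracle", "product": "Fusion Middleware",
         "vulnerabilityName": "Oracle Fusion Middleware Unspecified Vulnerability",
         "dateAdded": "2023-11-16", "dueDate": "2023-12-07",
         "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
         "knownRansomwareCampaignUse": "Unknown"},
    ],
}

# Hypothetical inventory: vendor/product strings follow KEV naming; "patched"
# lists KEV CVEs already confirmed remediated on that host.
INVENTORY = [
    {"host": "web-gw-01", "vendor": "Sophos", "product": "Web Appliance", "patched": []},
    {"host": "ws-finance-07", "vendor": "Microsoft", "product": "Windows 11",
     "patched": ["CVE-2023-36584"]},
    {"host": "erp-app-02", "vendor": "Oracle", "product": "Fusion Middleware (WebLogic Server 12.2.1.3)",
     "patched": []},
]


def load_feed(text):
    """Parse the raw JSON text of the KEV feed into a dict."""
    return json.loads(text)


def _norm(s):
    """Case- and whitespace-insensitive form of a vendor/product string."""
    return " ".join(s.lower().split())


def product_matches(entry, asset):
    """True when a KEV entry's vendor equals the asset's vendor and the KEV
    product name appears in the (usually more specific) asset product name."""
    return (_norm(entry["vendorProject"]) == _norm(asset["vendor"])
            and _norm(entry["product"]) in _norm(asset["product"]))


def kev_exposure(feed, inventory, today):
    """Return unremediated KEV hits per host, most overdue first.

    days_overdue is negative while the CISA due date is still in the future.
    """
    findings = []
    for asset in inventory:
        for entry in feed["vulnerabilities"]:
            if not product_matches(entry, asset):
                continue
            if entry["cveID"] in asset.get("patched", ()):
                continue
            due = date.fromisoformat(entry["dueDate"])
            findings.append({
                "host": asset["host"],
                "cve": entry["cveID"],
                "due": entry["dueDate"],
                "days_overdue": (today - due).days,
                "ransomware": entry.get("knownRansomwareCampaignUse", "Unknown"),
            })
    findings.sort(key=lambda f: (-f["days_overdue"], f["host"]))
    return findings


if __name__ == "__main__":
    # Hypothetical reference date, three days past the sample due date.
    for f in kev_exposure(KEV_SAMPLE, INVENTORY, date(2023, 12, 10)):
        print(f"{f['host']:14} {f['cve']:15} due {f['due']} "
              f"({f['days_overdue']:+d} days) ransomware={f['ransomware']}")
```

The matching is deliberately coarse (vendor equality plus product substring) because KEV entries carry no version ranges; treat a hit as "confirm patch level on this host", not as a confirmed vulnerability, and record confirmed fixes in the `patched` list so the report stays actionable.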