CISA Adds Three Known Exploited Vulnerabilities to Catalog

Home / Articles / External / Government

man thinking with graphic of locks swirling around his head

(Image source: Canva, Metamorworks)

December 3, 2024 | Originally published by Cybersecurity & Infrastructure Security Agency (CISA) on November 18, 2024

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation:

CVE-2024-1212 Progress Kemp LoadMaster OS Command Injection Vulnerability
CVE-2024-0012 Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
CVE-2024-9474 Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability

Users and administrators are also encouraged to review the Palo Alto Threat Brief: Operation Lunar Peek related to CVE-2024-0012, the Palo Alto Security Bulletin for CVE-2024-0012, and the Palo Alto Security Bulletin for CVE-2024-9474 for additional information.

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Read Original Article

Focus Areas

Cybersecurity Knowledge Management & Information Sharing

Subscribe to the Digest

Start a New Technical Inquiry

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Focus Areas

Contact Us

Connect With Us

Helpful Resources