CISA Expands Known Exploited Vulnerability Catalog as TP-Link, Apache, and Oracle Flaws Surface
Cybersecurity authorities issue a warning as hackers exploit new vulnerabilities in popular software and devices
The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerability (KEV) catalog to include three new significant vulnerabilities affecting TP-Link, Apache, and Oracle software. Security experts have sounded the alarm as active exploitation of these flaws has been discovered in the wild.
The first of these vulnerabilities, CVE-2023-1389, is a high-severity TP-Link Archer AX-21 command injection vulnerability with a Common Vulnerability Scoring System (CVSS) score of 8.8. Attackers can exploit this vulnerability to gain remote code execution on affected routers.
The Mirai botnet has been reported to leverage this flaw to add more devices to its network, according to Trend Micro’s Zero Day Initiative.
Secondly, CVE-2023-21839 is a high-severity unspecified vulnerability in Oracle WebLogic Server, with a CVSS score of 7.5. This flaw allows an attacker to access the system without any credentials or authentication.
Oracle WebLogic Server platforms, which are designed to run enterprise Java applications, are used both on-premises and in the cloud. Successful exploitation could grant access to critical data stored on the server, which attackers could then use to mount further attacks.
Lastly, CVE-2021-45046 is a critical Apache Log4j2 deserialization vulnerability, assigned a CVSS score of 9.0. This flaw enables threat actors to transmit malicious data and instruct vulnerable applications to execute harmful code, resulting in remote code execution and data loss.
As cyber threats continue to evolve, it is essential for organizations to remain vigilant and ensure their systems are patched against known vulnerabilities listed in CISA's KEV catalog.
The cybersecurity landscape can be likened to an ongoing game of cat and mouse, where hackers are continually seeking out vulnerable systems to exploit for their gain.
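To check systems against the KEV catalog in practice, vulnerability scan results can be cross-referenced with the catalog's JSON feed. The following is an added example, not code from CISA or the article: the feed excerpt follows the KEV JSON layout with the three CVEs named above, while the dates, asset names and scanner rows are constructed placeholders.

```python
import json
import re
from datetime import date

# Constructed sample in the layout of CISA's KEV JSON feed. CVE IDs, vendors and
# products are the ones named in the article; the dates are placeholders.
KEV_FEED = json.loads("""{"vulnerabilities": [
 {"cveID": "CVE-2023-1389", "vendorProject": "TP-Link", "product": "Archer AX-21",
  "dateAdded": "2000-01-01", "dueDate": "2000-01-22"},
 {"cveID": "CVE-2023-21839", "vendorProject": "Oracle", "product": "WebLogic Server",
  "dateAdded": "2000-01-01", "dueDate": "2000-01-22"},
 {"cveID": "CVE-2021-45046", "vendorProject": "Apache", "product": "Log4j2",
  "dateAdded": "2000-01-01", "dueDate": "2000-02-15"}
]}""")

# Constructed scanner export: (asset, CVE string exactly as the scanner wrote it).
FINDINGS = [
    ("edge-router-01", "cve-2023-1389 "),   # lowercase, trailing space
    ("app-server-02", "CVE-2023-21839"),
    ("app-server-02", "CVE-2021-45046"),
    ("build-host-03", "CVE-0000-00001"),    # placeholder ID, not in the feed
    ("legacy-box-04", "log4j issue"),       # free text, not a CVE ID
]

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

def normalize(raw):
    """Return the canonical CVE ID, or None if the string is not one."""
    candidate = raw.strip().upper()
    return candidate if CVE_RE.fullmatch(candidate) else None

def triage(findings, feed, today):
    """Split findings into KEV hits (most overdue first) and unparseable rows."""
    kev = {v["cveID"].upper(): v for v in feed["vulnerabilities"]}
    hits, rejected = [], []
    for asset, raw in findings:
        cve = normalize(raw)
        if cve is None:
            rejected.append((asset, raw))   # keep for manual review, never drop
        elif cve in kev:
            due = date.fromisoformat(kev[cve]["dueDate"])
            hits.append({"asset": asset, "cve": cve, "product": kev[cve]["product"],
                         "days_overdue": (today - due).days})  # negative = days left
    hits.sort(key=lambda h: (-h["days_overdue"], h["asset"], h["cve"]))
    return hits, rejected

if __name__ == "__main__":
    hits, rejected = triage(FINDINGS, KEV_FEED, date(2000, 2, 1))
    for h in hits:
        print(h["asset"], h["cve"], h["product"], "days past due:", h["days_overdue"])
    print("needs manual review:", rejected)
```

Rows the scanner recorded without a valid CVE ID are returned separately so that a KEV-listed flaw described only in free text is not silently missed.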