CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the Acclaim Systems USAHERDS vulnerability, tracked as CVE-2021-44207, to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation.
Key Highlights:
- CVE-2021-44207: This vulnerability affects Acclaim Systems USAHERDS software versions up to and including 7.4.0.1. It arises from the use of hard-coded credentials within the software, which can be exploited by attackers to gain unauthorized access [2][3].
- Impact: The presence of hard-coded credentials can lead to severe consequences, including unauthorized access, data breaches, operational disruption, and damage to the trust and reputation of the affected organization [2].
- Vendor Advisory: Acclaim Systems has issued an advisory recommending that users update to the latest version of the software, which addresses the hard-coded credentials issue and enhances security [2].
- CISA Action: CISA has added CVE-2021-44207 to the KEV catalog, which requires federal agencies to remediate the vulnerability by January 13, 2025, to protect their networks against active threats [2][3].
- General Guidance: CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of vulnerabilities listed in the KEV catalog as part of their vulnerability management practice [3].
Active Vulnerabilities in KEV Catalog:
- CVE-2024-20767: Adobe ColdFusion improper access control vulnerability [3].
- CVE-2024-35250: Microsoft Windows Kernel-Mode Driver untrusted pointer dereference vulnerability [3].
- CVE-2024-50623: Cleo multiple products unrestricted file upload vulnerability [3].
- CVE-2024-49138: Microsoft Windows Common Log File System (CLFS) driver heap-based buffer overflow vulnerability [3].
- CVE-2024-51378: CyberPanel incorrect default permissions vulnerability [3].
- CVE-2023-45727: North Grid Proself improper restriction of XML external entity (XXE) reference vulnerability [3].
- CVE-2024-11680: ProjectSend improper authentication vulnerability [3].
- CVE-2024-11667: Zyxel multiple firewalls path traversal vulnerability [3].
These vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise and other organizations [3].