CISA Advises Organizations to Patch Actively Exploited Windows SeriousSAM Vulnerability

The Cybersecurity & Infrastructure Security Agency (CISA) of the United States has added 15 new security flaws to its list of actively exploited vulnerabilities. CISA’s warning about these flaws serves as a reminder to all system administrators that security updates must be prioritized to secure their businesses’ networks.

If patching is neglected, threat actors will be able to penetrate the network, compromise data, and gain access to sensitive accounts, leaving the firm exposed. This time, the 15 defects are a mix of old and new, with dates ranging from 2014 to 2021. The latest one, CVE-2021-36934, is a Microsoft Windows SAM (Security Accounts Manager) vulnerability that lets anyone gain administrator privileges by accessing the Registry database files on Windows 10 and 11.

Although Microsoft addressed the problem in July 2021, many Windows machines are still without the update seven months later. Another security weakness on CISA’s list that administrators should remediate is CVE-2020-0796. The bug was given the highest severity rating. It is caused by SMBv3’s incorrect processing of maliciously constructed compressed data packets, and it may be used to achieve remote code execution.

Because the weakness allows for “wormable” attacks, a threat actor might compromise large networks more quickly and with less effort. At least 48,000 systems were vulnerable to CVE-2020-0796 in March 2020. However, as CISA’s current report points out, the vulnerability still exists on numerous systems. CVE-2015-2051, a remote code execution issue affecting D-Link DIR-645 routers, is one of the older flaws that continues to pay off for attackers.

The most recent reports of exploitation for this issue date from November 2021, when the BotenaGo botnet used a collection of 33 known flaws, including CVE-2015-2051, to attack millions of IoT devices and routers. Because adversaries don’t care how old a vulnerability is as long as it gets them in, CISA’s list of exploited vulnerabilities serves as a continual reminder for companies to deal with outdated and no longer supported hardware located in important sections of the network. CISA’s Known Exploited Vulnerabilities Catalog currently has 367 security flaws.

About the author

CIM Team
