
CISA Alert: Chrome/Excel Bugs Exploited! 🚨💻


U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chrome and Perl library flaws to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. The catalog is a comprehensive list of known vulnerabilities that are currently being exploited by hackers and nation-state actors. The agency added a zero-day vulnerability in Google Chrome and a remote code execution vulnerability in Spreadsheet::ParseExcel, an open-source Perl library.

CVE-2023-7024

The zero-day vulnerability, tracked as CVE-2023-7024, is a heap buffer overflow issue in WebRTC. The flaw was reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on December 19, 2023, and was fixed in just one day. Google released emergency updates to address this zero-day vulnerability. The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm.

CVE-2023-7101

The remote code execution vulnerability, tracked as CVE-2023-7101, stems from the evaluation of Number format strings within the Excel parsing logic. The issue is in the open-source Perl library Spreadsheet::ParseExcel. Barracuda has filed CVE-2023-7101 for this vulnerability. At the time of this writing, the issue has yet to be addressed.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, federal civilian executive branch (FCEB) agencies have to address the identified vulnerabilities by January 23, 2024, to protect their networks against attacks exploiting the flaws in the catalog. This directive is part of the vulnerability management and remediation process that CISA uses to prioritize and address vulnerabilities in the federal government's networks.

Private organizations are also recommended to review the catalog and address the vulnerabilities in their infrastructure. The catalog currently has over 730 entries and is continuously growing as CISA becomes aware of new vulnerabilities that meet its specified criteria.

In conclusion, the addition of these two vulnerabilities to the Known Exploited Vulnerabilities catalog highlights the importance of prioritizing vulnerability management and remediation. By addressing these vulnerabilities promptly, organizations can minimize the risk of cyberattacks and protect their networks from malicious cyber actors.

Frequently Asked Questions

What are the implications of the Chrome vulnerabilities listed by CISA?

The Chrome vulnerabilities listed by CISA pose significant risks to organizations as they can be exploited by malicious cyber actors. These vulnerabilities can allow attackers to gain unauthorized access to sensitive information, install malware, or take control of affected systems. Organizations that fail to address these vulnerabilities are at risk of data breaches, financial losses, and reputational damage.

How can organizations protect against the Perl library flaws recently added to CISA's catalog?

Organizations can protect against the Perl library flaws by applying the latest security patches and updates. They should also implement security best practices such as using firewalls, intrusion detection and prevention systems, and access controls. It is also recommended that organizations conduct regular vulnerability assessments and penetration testing to identify and address vulnerabilities before they can be exploited.

What steps should be taken after a CVE is reported as known exploited?

After a CVE is reported as known exploited, organizations should immediately assess their systems to determine if they are vulnerable to the exploit. If vulnerable, they should apply the latest security patches and updates, or implement temporary mitigations until a patch is available. Organizations should also monitor their systems for any signs of exploitation and report any suspicious activity to their security teams.
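The assess, then patch or mitigate, steps above can be automated against the catalog. The following Python is an added example, not code from CISA or from this article: it matches a KEV-style feed against an asset inventory and ranks what is left to do by due date. The feed sample is constructed (only the two CVE IDs and the January 23, 2024 due date come from the article), and the inventory, host names and the `fix_installed` flag are hypothetical.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed (fields cveID,
# product, dueDate). Only the CVE IDs and the due date come from the article.
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2023-7024", "product": "Google Chrome", "dueDate": "2024-01-23"},
  {"cveID": "CVE-2023-7101", "product": "Spreadsheet::ParseExcel", "dueDate": "2024-01-23"}
]}
""")

# Hypothetical asset inventory. fix_installed: True = vendor fix applied,
# False = a fix exists but is not applied, None = no fix available yet.
INVENTORY = [
    {"host": "ws-014", "product": "Google Chrome", "fix_installed": False},
    {"host": "ws-015", "product": "Google Chrome", "fix_installed": True},
    {"host": "mail-gw-1", "product": "Spreadsheet::ParseExcel", "fix_installed": None},
    {"host": "db-02", "product": "PostgreSQL", "fix_installed": True},
]

def triage(kev, inventory, today):
    """Return open findings, most urgent first."""
    by_product = {}
    for vuln in kev["vulnerabilities"]:
        by_product.setdefault(vuln["product"].lower(), []).append(vuln)

    findings = []
    for asset in inventory:
        for vuln in by_product.get(asset["product"].lower(), []):
            if asset["fix_installed"] is True:
                continue  # already remediated, nothing to track
            due = date.fromisoformat(vuln["dueDate"])
            findings.append({
                "host": asset["host"],
                "cve": vuln["cveID"],
                # No vendor fix yet: apply a temporary mitigation instead.
                "action": "mitigate" if asset["fix_installed"] is None else "patch",
                "days_left": (due - today).days,
                "overdue": today > due,
            })
    return sorted(findings, key=lambda f: (f["days_left"], f["host"]))

if __name__ == "__main__":
    for finding in triage(KEV_SAMPLE, INVENTORY, date(2024, 1, 10)):
        print(finding)
```

Assets marked `mitigate` should be re-checked whenever the inventory is refreshed, so they move to `patch` once a fix is published.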

How does CISA determine which vulnerabilities to include in their exploited vulnerabilities catalog?

CISA determines which vulnerabilities to include in their exploited vulnerabilities catalog based on evidence of active exploitation. This includes reports from trusted sources such as security researchers, vendors, and government agencies. CISA also considers the potential impact of the vulnerability on the federal enterprise and other critical infrastructure sectors.

What are the potential consequences of not addressing vulnerabilities found in the CISA catalog?

The potential consequences of not addressing vulnerabilities found in the CISA catalog include data breaches, financial losses, and reputational damage. Organizations that fail to address these vulnerabilities are at risk of being targeted by malicious cyber actors who exploit these vulnerabilities to gain unauthorized access to sensitive information, install malware, or take control of affected systems.

Where can I find the most recent list of known exploited vulnerabilities by CISA?

The most recent list of known exploited vulnerabilities by CISA can be found on their website. It is recommended that organizations regularly check this list and apply the latest security patches and updates to protect against known exploits.
