Threat actors have been observed exploiting a Windows kernel-mode driver elevation of privilege vulnerability, the severity of which is assessed as high (7.8 out of 10).
The US Cybersecurity and Infrastructure Security Agency (CISA) has added the known flaw to its Known Exploited Vulnerabilities Catalog and instructed federal agencies to apply a patch before January 6th, 2025.
Microsoft patched the untrusted pointer dereference vulnerability (CVE-2024-35250) on June 11th, 2024, during Patch Tuesday, and noted that “an attacker who successfully exploited this vulnerability could gain SYSTEM privileges.”
When a program uses a pointer (an address pointing to a location in memory) from an untrusted source without validating it, it can access the wrong part of memory, which can lead to problems such as crashing the system or allowing attackers to access sensitive data.
The proof-of-concept exploit code has been publicly explained by DEVCORE researchers, who reported the flaw to Microsoft.
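The bug class described above (untrusted pointer dereference), shown as an added example that is not Microsoft's or DEVCORE's code: a user-space C model of a handler that trusts a caller-supplied pointer, next to a version that validates it first. The names `caller_mem`, `service_secret`, `struct request` and both handlers are hypothetical, and the buffers are constructed sample data.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: caller_mem is the only memory the caller may name;
   service_secret stands in for privileged data outside that region. */
static unsigned char caller_mem[64];
static const unsigned char service_secret[8] = "S3CRET!";

struct request {          /* hypothetical request layout */
    const void *src;      /* pointer supplied by the untrusted caller */
    size_t len;           /* number of bytes the caller asks to read */
};

/* Range check written so that offset + len cannot wrap around. */
static int in_caller_mem(const void *p, size_t len) {
    uintptr_t base = (uintptr_t)caller_mem, a = (uintptr_t)p;
    if (a < base) return 0;
    size_t off = a - base;
    return off <= sizeof caller_mem && len <= sizeof caller_mem - off;
}

/* Before: trusts req->src and copies from wherever it points. */
int handle_unchecked(const struct request *req, unsigned char *out, size_t cap) {
    if (req->len > cap) return -1;
    memcpy(out, req->src, req->len);
    return 0;
}

/* After: rejects any pointer/length pair not wholly inside caller memory. */
int handle_checked(const struct request *req, unsigned char *out, size_t cap) {
    if (req->len > cap) return -1;
    if (!in_caller_mem(req->src, req->len)) return -2;
    memcpy(out, req->src, req->len);
    return 0;
}

int main(void) {
    unsigned char out[16] = {0};
    struct request bad = { service_secret, sizeof service_secret };
    printf("unchecked=%d checked=%d\n",
           handle_unchecked(&bad, out, sizeof out),
           handle_checked(&bad, out, sizeof out));
    return 0;
}
```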
CISA also added another actively exploited vulnerability. Adobe ColdFusion, a web application development platform, is affected by an improper access control flaw (CVE-2024-20767) that allows attackers to access or modify restricted files via an internet-exposed admin panel. Federal agencies should also apply mitigations by January 6th, 2025.
The Binding Operational Directive applies to Federal Civilian Executive Branch (FCEB) agencies.
“CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice,” the agency said in a statement.