ConnectWise ScreenConnect Flaw Added To KEV Catalog
CISA has added the actively exploited ConnectWise ScreenConnect path-traversal vulnerability to its KEV catalog, mandating immediate remediation for affected users.
ConnectWise ScreenConnect remains a critical priority for security teams following its inclusion in the CISA Known Exploited Vulnerabilities (KEV) catalog. The path-traversal vulnerability, tracked as CVE-2024-1708, affects versions 23.9.7 and prior, potentially allowing unauthenticated attackers to execute remote code or access sensitive system data. Given its active exploitation in the wild, organizations running ScreenConnect must treat this as an emergency patching item. Immediate upgrades to the latest secure version are required to mitigate the risk of full system compromise.
A significant volume of critical vulnerabilities continues to plague the WordPress ecosystem, demanding immediate attention from site administrators. Notable issues include CVE-2023-51409 in the AI Engine: ChatGPT Chatbot plugin, CVE-2024-27956 in ValvePress Automatic, and CVE-2023-48777 in Elementor Website Builder, all of which involve dangerous file uploads or SQL injection. Additionally, CVE-2024-28000 and CVE-2023-40000 highlight serious privilege escalation and XSS risks within LiteSpeed Cache. These flaws allow attackers to bypass security controls, inject malicious code, or gain unauthorized administrative access, often with minimal effort. Administrators should audit their plugin inventories and apply available patches immediately to prevent site takeover.
Legacy vulnerabilities in Microsoft software continue to surface in threat intelligence feeds, serving as a reminder of the risks posed by unpatched, aging infrastructure. This includes critical remote code execution flaws such as CVE-2012-1891 in Microsoft Data Access Components, CVE-2013-0006 in MSXML, and various memory corruption issues in Internet Explorer and Windows Media Player, tracked as CVE-2010-0248 and CVE-2012-0003. While these vulnerabilities are older, their high EPSS scores indicate they remain relevant in environments where legacy systems have not been decommissioned or properly isolated. Security teams should prioritize network segmentation for any remaining systems running these outdated components.
Several critical vulnerabilities in enterprise software and development frameworks require urgent review to prevent lateral movement and unauthorized access. This includes CVE-2024-32709 in WP-Recall, CVE-2024-24882 in Masteriyo LMS, and the long-standing CVE-2012-2926 affecting multiple Atlassian products including JIRA, Confluence, and Bamboo. Furthermore, CVE-2013-2115 in Apache Struts 2 highlights the persistent risk of remote code execution via OGNL injection in older framework versions. These vulnerabilities often provide attackers with a foothold to escalate privileges or exfiltrate data from internal business applications. Organizations should verify their current versions against these identifiers and apply vendor-supplied updates or mitigations.