CISA’s Bug Parade: New Vulnerabilities Added to Watchlist!

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities in ProjectSend, North Grid Proself, and Zyxel Firewalls to its Known Exploited Vulnerabilities catalog. These issues include improper authentication and path traversal flaws, highlighting the importance of applying security patches before attackers do their own ‘creative’ file management.

3P
Published: December 4, 2024 8:11 amAdded: December 4, 2024 at 12:41 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like CISA just added some new flavors to their vulnerability ice cream catalog, featuring the delightful trio of ProjectSend, North Grid Proself, and Zyxel Firewalls. These bugs are now the cybersecurity world’s equivalent of a triple scoop of trouble, and trust me, this is one sundae you don’t want to indulge in!

Key Points:

  • CISA adds three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
  • North Grid Proself vulnerability allows attackers to read server files via XXE attacks.
  • ProjectSend’s improper authentication flaw scores a whopping 9.8 on the CVSS scale.
  • Zyxel Firewalls are susceptible to a path traversal vulnerability.
  • Federal agencies must patch these vulnerabilities by December 24, 2024.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?