Hikvision and Rockwell Automation CVSS 9.8 Vulnerabilities Added to CISA KEV Catalog


US CISA Adds Two Severe Security Vulnerabilities to KEV Catalog

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two severe security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

Hikvision Vulnerability

The first vulnerability, tracked as CVE-2017-7921, affects multiple Hikvision products and allows a malicious user to escalate privileges on the system and gain access to sensitive information due to improper authentication.

This vulnerability has been exploited in the wild, with the SANS Internet Storm Center reporting exploit attempts against Hikvision cameras susceptible to the flaw as far back as four months ago.

Rockwell Automation Vulnerability

The second vulnerability, tracked as CVE-2021-22681, affects multiple Rockwell Automation products, including Studio 5000 Logix Designer, RSLogix 5000, and Logix Controllers.

This vulnerability allows an unauthorized user with network access to the controller to bypass the verification mechanism and authenticate with it, as well as alter its configuration and/or application code.

Although there are no public reports of attacks involving this vulnerability, its addition to the KEV catalog suggests that it is being actively exploited.

“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” the agency said. “Federal Civilian Executive Branch (FCEB) agencies are required to remediate these vulnerabilities, and CISA strongly encourages all organizations to do the same as part of their vulnerability management practice.”

CISA Urges Remediation

CISA has urged all organizations to prioritize the remediation of KEV Catalog vulnerabilities, citing the significant risks posed by these types of flaws.


