U.S. CISA adds KNX Association KNX Protocol Connection Authorization Option 1 and Oracle flaws to its Known Exploited Vulnerabilities catalog
Overview
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included new vulnerabilities in its Known Exploited Vulnerabilities catalog, specifically targeting the KNX Protocol Connection Authorization Option 1 from the KNX Association and various flaws related to Oracle products. This update is crucial as it indicates that these vulnerabilities could be actively exploited by attackers, posing risks to organizations using affected systems. The inclusion of these vulnerabilities serves as a warning to IT departments and security teams to prioritize patching and mitigation efforts. Notably, CISA also added vulnerabilities from SonicWall and Microsoft to the catalog, emphasizing the ongoing need for vigilance in cybersecurity practices. Companies should review their systems and apply necessary updates to safeguard against potential attacks.
Key Takeaways
- Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
- Affected Systems: Affected products include KNX Protocol systems by KNX Association and various Oracle products. Additional vulnerabilities involve systems from SonicWall and Microsoft.
- Action Required: Organizations should review their systems for the mentioned vulnerabilities and apply the latest patches and updates from the respective vendors.
- Timeline: Newly disclosed
Original Article Summary
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds KNX Association KNX Protocol Connection Authorization Option 1 and Oracle flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities (KEV) catalog. The flaws added to the catalog are: The vulnerability CVE-2023-4346 (CVSS […]
Impact
Affected products include KNX Protocol systems by KNX Association and various Oracle products. Additional vulnerabilities involve systems from SonicWall and Microsoft.
Exploitation Status
This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.
Timeline
Newly disclosed
Remediation
Organizations should review their systems for the mentioned vulnerabilities and apply the latest patches and updates from the respective vendors. For Oracle products, consult Oracle's security advisories for specific patches. KNX users should check for updates related to the KNX Protocol. SonicWall and Microsoft users should also ensure they are using the latest security updates available from those vendors.
Additional Information
This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.
Related Topics: This incident relates to CVE, Microsoft, Vulnerability, and 2 more.