The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog by adding critical security flaws affecting Apple products and Gladinet CentreStack and Triofox enterprise file sync and share solutions. This action underscores the imperative for federal civilian executive branch (FCEB) agencies to promptly address vulnerabilities actively exploited by threat actors.
CISA’s KEV Catalog and Apple
CISA’s KEV catalog serves as a definitive list of security vulnerabilities that have been proven to be actively exploited in real-world attacks. Federal agencies are mandated to remediate these vulnerabilities within specified deadlines to protect government networks from ongoing cyber threats. The recently added Apple flaw pertains to a logic issue within the CoreMedia framework. This vulnerability allows an attacker to execute arbitrary code with kernel privileges, posing a significant risk to affected Apple devices.
Gladinet CentreStack and Triofox Vulnerabilities
In addition to the Apple flaw, CISA has also incorporated two vulnerabilities found in Gladinet CentreStack and Triofox into its KEV catalog. These enterprise file sync and share platforms are critical for many organizations. Both flaws are described as insecure deserialization issues that enable an unauthenticated attacker to execute arbitrary code remotely on affected servers. The inclusion of these vulnerabilities in the KEV catalog signifies their active exploitation and the immediate need for mitigation by all users, especially federal agencies.