CISA Recognizes Legacy Vulnerabilities: Addressing Critical Risks in Cybersecurity
CISA Adds Four Critical Legacy Vulnerabilities to Known Exploited Catalog
The Cybersecurity & Infrastructure Security Agency (CISA) has added four previously discovered vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting ongoing active exploitation of older security flaws that continue to threaten organizations.
The vulnerabilities, dating from 2014 to 2019, affect widely used systems including Multi-Router Looking Glass, PHPMailer, Ruby on Rails, and Zimbra Collaboration Suite. These aging but dangerous flaws remain actively exploited by threat actors, demonstrating how unpatched systems pose significant security risks for businesses.
Critical Systems at Risk
The newly listed vulnerabilities include:
- Buffer overflow flaw in Multi-Router Looking Glass (CVE-2014-3931)
- Command injection vulnerability in PHPMailer (CVE-2016-10033)
- Path traversal issue in Ruby on Rails (CVE-2019-5418)
- Server-side request forgery vulnerability in Zimbra Collaboration Suite (CVE-2019-9621)
Jason Soroko, Senior Technical Officer at Sectigo, notes that the Earth Lusca threat group actively exploited the Zimbra vulnerability in 2023, using it to plant web shells and Cobalt Strike beacons. This demonstrates how older vulnerabilities remain valuable tools for cybercriminals.
Understanding the Persistent Threat
Security experts emphasize several reasons why these aging vulnerabilities pose ongoing threats:
- Legacy systems often remain unpatched after the initial disclosure period
- Detailed exploitation information becomes widely available over time
- Attackers create automated tools to scan for vulnerable systems
- Organizations may incorrectly assume older vulnerabilities are no longer targeted
"Prevention remains crucial," says James Maude, Field CTO at BeyondTrust. "Software patching, implementing least privilege, and controlling execution are hugely effective defenses that shouldn't be dismissed in favor of the latest detection trends."
Essential Security Measures
To protect against these vulnerabilities, organizations should implement comprehensive cybersecurity measures that safeguard critical business assets:
- Conduct thorough system inventories to identify vulnerable software
- Limit access to diagnostic tools and collaboration platforms
- Implement network segmentation to reduce exposure
- Maintain consistent patching schedules regardless of vulnerability age
- Deploy advanced threat detection systems
- Implement robust access control policies
- Regularly update security protocols
The inclusion of these older vulnerabilities in CISA's catalog serves as a reminder that cybersecurity requires ongoing vigilance, regardless of when vulnerabilities were first discovered. Organizations must maintain comprehensive security programs that address both new and legacy threats to protect their systems effectively.