The US Cybersecurity and Infrastructure Security Agency (CISA) has added two security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.
The first issue is CVE-2024-35250, an untrusted pointer dereference vulnerability in the Windows Kernel-Mode Driver which, if exploited, could allow an attacker to gain SYSTEM privileges. The flaw was patched in June 2024 as part of that month's Patch Tuesday release.
The second actively exploited flaw is CVE-2024-20767, an improper access control issue in the Adobe ColdFusion web application development platform. A remote attacker can exploit the vulnerability by sending a specially crafted HTTP request to read arbitrary files on the system.
Earlier this month, the Clop ransomware gang reportedly confirmed that it was behind the recent Cleo data theft attacks, which exploited two security issues (CVE-2024-50623 and CVE-2024-55956) to breach corporate networks.