ACSC (Australia) and CISA (USA) are issuing a joint bulletin to announce the addition of two new vulnerabilities to CISA's Known Exploited Vulnerabilities Catalog.
Mark De Boer
August 24, 2023

https://www.cybernewscentre.com/plus-content/content/critical-alert-joint-cyber-sec-bulletin-acsc-cisa


ACSC (Australia) and CISA (USA) are issuing a joint bulletin to announce the addition of two new vulnerabilities to CISA's Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. The following Common Vulnerabilities and Exposures (CVEs) have been identified:

Both agencies strongly recommend immediate remediation actions to address these vulnerabilities.

Affected Software:

Ivanti MobileIron Sentry versions 9.18.0 and below.

Description:

A security vulnerability exists in the MICS Admin Portal of Ivanti MobileIron Sentry. An attacker could bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.

Impact:

Exploitation may grant unauthorised access to the administrator portal, allowing the actor to alter configurations, run commands, and write to the filesystem.

Australian Context:

As of the date of the published Alert (22.08.2023):

Affected Software:

Veeam Backup & Replication Cloud Connect

Description:

The vulnerability pertains to missing authentication protocols for critical functions within the software.

Impact:

These types of vulnerabilities are frequent attack vectors and pose significant risks to federal and private entities alike.

Binding Operational Directive 22-01 (BOD 22-01)

These vulnerabilities are particularly concerning in the context of BOD 22-01, which requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities to protect against active threats.

Additional Resources:

BOD 22-01 Fact Sheet

Recommendations

  1. Organisations should immediately patch affected software to the latest versions.
  2. Conduct an internal review to ensure no unauthorised changes have been made if vulnerable versions were deployed.
  3. Monitor system logs for any suspicious activities.

While BOD 22-01 specifically applies to FCEB agencies, CISA and ACSC strongly urge all organisations to prioritise the timely remediation of these vulnerabilities as part of their vulnerability management practices.

For more information, consult the Known Exploited Vulnerabilities Catalog and stay tuned for updates. Both ACSC and CISA will continue to monitor the situation and provide updates as new information becomes available.

Contacts for Known Exploited Vulnerabilities Catalog:

Document Revision: 1.2.08.23
Next Scheduled Update: To be determined.
