The Download
Anytime CISA adds a new vulnerability to its Known Exploitable Vulnerability (KEV) list, it means these vulnerabilities are being actively exploited. The KEV carries with it a binding operational directive (BOD) for Federal agencies to immediately scan and patch the vulnerability.
The first vulnerability noted is a security flaw in the netfilter component in the Linux kernel (CVE-2024-1086) with severity 7.8. This use-after-free flaw allows a user to escalate privilege to root and potentially run arbitrary code. The netfilter component is a critical component in Linux operating systems that handle network packets, do network address translation and packet filtering.
The second vulnerability is a flaw in Check Point firewall and remote access products with CVE-2024-24919. This vulnerability may allow unauthorized attackers to read sensitive network traffic through VPN connections in the Check Point firewall.
What You Can Do
If a vulnerability shows up on the KEV list, you should be scanning for it and patching it if you have it. If Federal agencies are mandated to do this, it is probably a good idea for your networks too. ThreatMate automatically scans for vulnerabilities on the KEV.
To Learn More: