
CISA has issued a warning regarding vulnerabilities in D-Link products that are currently being exploited in attacks.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert, adding three vulnerabilities affecting D-Link devices to its Known Exploited Vulnerabilities (KEV) Catalog. This inclusion indicates that these flaws are actively exploited by malicious cyber actors, posing significant threats to networks. The three flaws are CVE-2020-25078, which affects D-Link DCS-2530L and DCS-2670L security cameras; CVE-2020-25079, a command injection vulnerability impacting the same camera models; and CVE-2022-40799, which allows code to be downloaded without integrity checks on the D-Link DNR-322L network video recorder. Such security flaws serve as common entry points for attackers: command injection vulnerabilities enable arbitrary command execution on a device, potentially leading to a complete takeover.

The addition of these vulnerabilities to the KEV Catalog falls under Binding Operational Directive (BOD) 22-01, which requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by a specified due date. While this directive is mandatory only for FCEB agencies, CISA strongly urges all organisations, both public and private, to take these warnings seriously. CISA recommends prioritising the timely remediation of vulnerabilities listed in the KEV Catalog as a core part of vulnerability management practices to reduce exposure to cyberattacks. The agency continuously updates the catalog based on new evidence of active exploitation, and device owners are encouraged to check for and apply firmware updates from manufacturers to mitigate these threats.
