CISA warns about Active Exploitation of Windows & JetBrains

On Wednesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) removed five security vulnerabilities from its list of known exploited vulnerabilities (KEVs) because there was insufficient evidence to support them, and added two security problems due to active exploitation.

The recently added vulnerabilities are listed below:

CVE-2023-42793 (with a 9.8 CVSS score) – The vulnerability in JetBrains TeamCity Authentication Bypass
CVSS score for CVE-2023-28229 is 7.0. – Vulnerability for Microsoft Windows CNG Key Isolation Service Privilege Escalation

A serious vulnerability in TeamCity Server’s authentication bypass that permits remote code execution is known as CVE-2023-42793. GreyNoise data shows that attempts to exploit the vulnerability have been made from 74 different IP addresses so far.

However, the Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service has a high-severity vulnerability called CVE-2023-28229 that enables an attacker to get certain, restricted SYSTEM rights.

(Score: 53) - 4.8/5