CISA adds CVE-2023-21674 vulnerability to exploited catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch their systems against an actively exploited Windows elevation-of-privilege vulnerability that lets an attacker who already has low-privileged code running on a machine gain SYSTEM-level control of it.

Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies must remediate both newly listed vulnerabilities by January 31, 2023; CISA also strongly urges all other organizations to prioritize them to reduce their exposure to attacks.

Tracked as CVE-2023-21674 (CVSS score: 8.8), the flaw is an elevation-of-privilege bug in the Windows Advanced Local Procedure Call (ALPC) subsystem. It is not remotely exploitable on its own: by running a specially crafted program, a local, authenticated attacker could exploit it to obtain SYSTEM privileges. Microsoft notes that successful exploitation can lead to a browser sandbox escape, which makes the bug attractive as the second stage of an exploit chain that starts with a browser or document exploit.

“CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” the cybersecurity agency said.

CVE-2023-21674 affects supported Windows client and server releases, including Windows 8.1, Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022, on systems that have not installed the January 2023 Patch Tuesday updates.
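A quick way to check whether a given host has received the January 2023 cumulative update is to read the OS build number from the registry and compare it with the build each servicing branch reached on 10 January 2023. The script below is an added example, not part of the CISA advisory or Microsoft's guidance; the KB numbers and build thresholds in its table are assumptions recalled from the January 2023 release notes and should be verified against Microsoft's release-health pages before the script is used for compliance reporting.

```powershell
# Added example: local patch-state check for CVE-2023-21674.
# The full Windows build is CurrentBuild.UBR (for example 19045.2486); the
# cumulative update raises UBR, so "UBR at or above the January 2023 value"
# means the update (or a later one) is installed.
# ASSUMPTION: KB numbers and minimum UBR values below were recalled from the
# 10 January 2023 release notes; verify them before relying on them.
$January2023Builds = @{
    '22621' = @{ Name = 'Windows 11 22H2';               Kb = 'KB5022303'; Ubr = 1105 }
    '22000' = @{ Name = 'Windows 11 21H2';               Kb = 'KB5022287'; Ubr = 1455 }
    '19045' = @{ Name = 'Windows 10 22H2';               Kb = 'KB5022282'; Ubr = 2486 }
    '19044' = @{ Name = 'Windows 10 21H2';               Kb = 'KB5022282'; Ubr = 2486 }
    '19042' = @{ Name = 'Windows 10 20H2';               Kb = 'KB5022282'; Ubr = 2486 }
    '20348' = @{ Name = 'Windows Server 2022';           Kb = 'KB5022291'; Ubr = 1487 }
    '17763' = @{ Name = 'Windows Server 2019 / 10 1809'; Kb = 'KB5022286'; Ubr = 3887 }
    '14393' = @{ Name = 'Windows Server 2016 / 10 1607'; Kb = 'KB5022289'; Ubr = 5648 }
}

function Get-PatchStateForCve202321674 {
    [CmdletBinding()]
    param()

    # CurrentBuild and UBR live under the CurrentVersion key on every supported release.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $ver = Get-ItemProperty -Path $key -Name CurrentBuild, UBR -ErrorAction Stop
    $build = [string]$ver.CurrentBuild
    $ubr   = [int]$ver.UBR

    $entry = $January2023Builds[$build]
    if (-not $entry) {
        # Branches not in the table (for example ESU-only releases) need a manual check.
        return [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Branch   = 'unknown'
            Build    = "$build.$ubr"
            Required = 'n/a'
            Status   = 'UNKNOWN - branch not in table, check the January 2023 release notes'
        }
    }

    # Second signal: the servicing stack's own record of the KB. Either the
    # build threshold or the installed-KB record is enough to call the host patched.
    $hotfix  = Get-HotFix -Id $entry.Kb -ErrorAction SilentlyContinue
    $patched = ($ubr -ge $entry.Ubr) -or ($null -ne $hotfix)

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Branch   = $entry.Name
        Build    = "$build.$ubr"
        Required = "$($entry.Kb) ($build.$($entry.Ubr) or later)"
        Status   = if ($patched) { 'PATCHED' } else { 'VULNERABLE - install the January 2023 cumulative update' }
    }
}

Get-PatchStateForCve202321674 | Format-List
```

Run it in an elevated session on the host, or wrap the function in Invoke-Command to fan it out to a list of servers. The build comparison is the primary signal because Get-HotFix only reports updates recorded by the servicing stack and can miss updates applied through some imaging or offline-servicing paths; a host that reports UNKNOWN is not necessarily vulnerable, only outside the table.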

The second flaw added to the catalog is CVE-2022-41080, a Microsoft Exchange Server privilege-escalation vulnerability. Attackers have chained it with CVE-2022-41082, an Exchange remote code execution flaw that is reachable when the server's PowerShell remoting endpoint is accessible: by sending a specially crafted request, an authenticated attacker could exploit CVE-2022-41082 to execute arbitrary code on the server. The chain, known as OWASSRF, reaches that endpoint through Outlook Web Access rather than the Autodiscover path, so the URL-rewrite mitigation Microsoft published for the earlier ProxyNotShell attacks does not block it; only the November 2022 Exchange security updates do.