A critical alert has been issued concerning exploited vulnerabilities within the TeleMessage TM SGNL software. These specific security flaws have been observed undergoing active exploitation in real-world attacks.
As a result, the Cybersecurity and Infrastructure Security Agency (CISA) has added these vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This catalog serves as a definitive list of vulnerabilities that are known to be actively targeted by malicious actors and pose significant risk.
Inclusion in the KEV catalog mandates urgent action for federal agencies. Federal Civilian Executive Branch (FCEB) agencies are required to remediate these vulnerabilities within a tight deadline, typically three weeks from the date of addition, to mitigate the immediate threat.
The presence of these flaws in the KEV catalog underscores the importance of patching and updating affected systems promptly. Organizations, particularly government entities, must prioritize addressing these vulnerabilities to prevent potential unauthorized access, data breaches, or other malicious activities stemming from the identified exploits. Staying vigilant and adhering to CISA’s directives is crucial for maintaining robust cybersecurity defenses against known threats.
Source: https://securityaffairs.com/179542/hacking/u-s-cisa-adds-telemessage-tm-sgnl-flaws-to-its-known-exploited-vulnerabilities-catalog.html
