Attacks observed on seven vulnerabilities – one is 14 years old
The US cybersecurity agency CISA warns of attacks on seven vulnerabilities. One has been around for 14 years.
The US cybersecurity agency CISA is warning of attacks on seven vulnerabilities in products from Adobe, Fortinet, and Microsoft. One of the vulnerabilities has been known for 14 years.
As usual, CISA's warning only lists the vulnerabilities on which attacks have been observed. The oldest of the attacked vulnerabilities affects Microsoft's Visual Basic and is based on an insecure search path. It was already exploited in July 2012 and has now apparently come back into the crosshairs of cybercriminals (CVE-2012-1854, CVSS2 6.9, Risk “medium”). A “use-after-free” vulnerability in Adobe Acrobat and Reader allows attackers to inject and execute malicious code. Adobe already addressed this in August 2020, but updates are missing on some systems (CVE-2020-9715, CVSS 7.8, Risk “high”).
Microsoft's Exchange servers may deserialize untrusted data, which attackers can exploit to execute malicious code. Microsoft names the cyber gang Storm-1175 as malicious actors exploiting the security flaw for ransomware attacks (CVE-2023-21529, CVSS 8.8, Risk “high”). Additionally, criminals are attacking a privilege escalation vulnerability in the Windows Common Log File System driver (CVE-2023-36424, CVSS 7.8, Risk “high”).
More recent vulnerabilities also targeted
Last November, Microsoft released updates closing a vulnerability in the host process for Windows tasks, in which links could be resolved incorrectly before file access, enabling privilege escalation (CVE-2025-60710, CVSS 7.8, Risk “high”). A malicious code vulnerability in FortiClient EMS, discovered in February, also allows complete compromise of computers, and according to CISA, attackers are now doing just that (CVE-2026-21643, CVSS 9.8, Risk “critical”). Furthermore, CISA has included the vulnerability reported over the weekend, for which Adobe released an emergency update on Saturday and which allows attackers to inject and execute arbitrary code (CVE-2026-34621, CVSS 8.6, Risk “high”).
Admins and users should check whether they are still using the affected software and apply the available updates immediately. CISA does not provide indicators of compromise (IOCs), so it is unclear how attacks can be detected.
(dmk)