CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

SITREP: CISA has included two actively exploited vulnerabilities in its Known Exploited Vulnerabilities catalog, specifically targeting ConnectWise ScreenConnect and Microsoft Windows. The vulnerabilities are identified as CVE-2024-1708, which has a CVSS score of 8.4, indicating a high severity level. TACTICAL ASSESSMENT: The addition of these vulnerabilities to the KEV catalog highlights the increasing threat landscape surrounding critical infrastructure and software applications. This move underscores the urgency for organizations to implement immediate security measures to mitigate potential exploitation. PROJECTED VECTORS: It is likely that further exploits will emerge as attackers seek to capitalize on these vulnerabilities, prompting a wave of security updates and patches across affected systems.