Threat actors have been actively exploiting a high-severity Microsoft SharePoint deserialization flaw, tracked as CVE-2024-38094, and a high-severity Samsung mobile processor use-after-free issue, tracked as CVE-2024-44068, according to The Hacker News.
Attacks leveraging the SharePoint bug, which could result in remote code execution, have prompted the bug's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the issue by Nov. 12. No details regarding the process of abusing the flaw were provided but the emergence of proof-of-concept exploits has increased the odds of compromise. On the other hand, the Samsung flaw was reported by Google Threat Analysis Group to have been leveraged in a privilege escalation attack chain even though the South Korean firm did not specify in-the-wild abuse. Both developments come after organizations were recommended to address KEVs, critical, and high-severity flaws within 14, 15, and 30 days, respectively, as part of more stringent security requirements proposed by CISA.
