Security Affairs
Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

U.S. CISA adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Acclaim Systems USAHERDS vulnerability, tracked as CVE-2021-44207 (CVSS score: 8.1) to its Known Exploited Vulnerabilities (KEV) catalog. USAHERDS, developed by Acclaim Systems, is a web-based application designed to […]

CISA BlueHammer (CVE-2026-33825)

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Acclaim Systems USAHERDS vulnerability, tracked as CVE-2021-44207 (CVSS score: 8.1) to its Known Exploited Vulnerabilities (KEV) catalog.

USAHERDS, developed by Acclaim Systems, is a web-based application designed to assist U.S. state governments in tracking and managing animal health and disease outbreaks. It is part of the AgraGuard suite of products, which includes USAHERDS, USALIMS, USAPlants, USAFoodSafety, and USAMeals, aimed at supporting agricultural and food safety operations.

The vulnerability was exploited by the Chinese cyber-espionage group APT41 to breach multiple U.S. state government networks.

The flaw stems from the use of hard-coded credentials vulnerability, it impacts Acclaim USAHERDS web application 7.4.0.1 and earlier. An attacker who knows static ValidationKey and DecryptionKey values can exploit them to execute arbitrary code on the system that runs the application.

Attackers can craft malicious ViewState data to bypass MAC checks, and trigger server-side code execution.

“The Acclaim USAHERDS web application 7.4.0.1 and Earlier, builds prior to November 2021, used static ValidationKey and DecryptionKey values.” reads the advisory. “High – Knowledge of the ValidationKey and DecryptionKey can be used to achieve Remote Code Execution on the system that runs the application.”

Security researchers Douglas Bienstock from Mandiant reported the issue to the company. Acclaim Systems addressed this issue by releasing a patch in November 2021 to remediate the vulnerability.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix this vulnerability by January 13, 2025.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, CISA Known Exploited Vulnerabilities catalog)