CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
- Tech Brief
- Dec 24, 2024
- 1 min read

The Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in Acclaim Systems' USAHERDS application to its Known Exploited Vulnerabilities (KEV) catalog, a listing CISA reserves for flaws with evidence of active exploitation in the wild.
Vulnerability Details:
CVE Identifier: CVE-2021-44207
Description: USAHERDS web application versions 7.4.0.1 and earlier ship with hard-coded credentials: the ASP.NET machineKey values (validationKey and decryptionKey) that every installation uses to protect ViewState. An attacker who knows these keys can achieve remote code execution on the server running the application.
Technical Insight: ASP.NET uses the validationKey to compute the MAC on the __VIEWSTATE field (and the decryptionKey to encrypt it) and deserializes any ViewState whose MAC verifies. An attacker holding the keys can therefore build a ViewState payload that carries a deserialization gadget chain, sign it with the genuine key, and have the server execute it. Because the MAC is valid, the request does not trigger ASP.NET's ViewState verification failure. The keys are identical across installations, so obtaining them from any copy of the product is sufficient to attack every deployment.
CISA's Directive:
Under Binding Operational Directive 22-01, federal civilian executive branch agencies must remediate each KEV entry by its due date; for this entry CISA set January 13, 2025. The short deadline reflects the severity of the threat and the need for prompt remediation.
Recommendations for Organizations:
Immediate Action: Organizations running vulnerable versions of USAHERDS should apply the patch or mitigations provided by Acclaim Systems. If no fix is available, consider discontinuing use of the affected product until one is.
Security Measures: Do not deploy applications whose machineKey values are static and shared across installations. Generate keys per deployment (or let ASP.NET auto-generate them where no web farm requires a shared key), keep them out of source control and vendor builds, and rotate them whenever exposure is suspected.
Monitoring: A forged ViewState carries a valid MAC, so it does not raise ASP.NET's ViewState validation failure event. Hunt instead for anomalous POST requests with unusually large __VIEWSTATE values and for unexpected child processes of the IIS worker process (w3wp.exe), review systems for other signs of compromise, and follow the vendor's and CISA's channels for updates on this vulnerability.
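A check for the weak configuration described in the Technical Insight above, together with the per-deployment key rotation the Security Measures recommendation calls for, added here as an example; this is not code from Acclaim Systems or CISA. The web.config text and the key values in it are constructed placeholders, not the USAHERDS keys, and only the web.config case is handled: keys compiled into application code are out of reach of a config edit and need the vendor fix.

```python
"""Find static ASP.NET <machineKey> values in a web.config, detect keys shared
between installs, and rotate them to fresh per-deployment values.

Added example for this brief, not vendor code.  The config text below is
constructed and the key values are dummies.
"""
import secrets
import xml.etree.ElementTree as ET

# Dummy placeholder keys, sized like real ones (64 bytes HMACSHA256, 32 bytes AES).
DUMMY_VALIDATION_KEY = "0123456789ABCDEF" * 8
DUMMY_DECRYPTION_KEY = "FEDCBA9876543210" * 4

# Constructed example of the weak pattern: literal keys in the config that
# ships with every install, so every deployment shares them.
VULNERABLE_WEB_CONFIG = """<?xml version="1.0"?>
<configuration>
  <system.web>
    <machineKey validationKey="{v}" decryptionKey="{d}"
                validation="HMACSHA256" decryption="AES" />
    <pages enableViewStateMac="true" />
  </system.web>
</configuration>
""".format(v=DUMMY_VALIDATION_KEY, d=DUMMY_DECRYPTION_KEY)

# Safe default for a single host: ASP.NET generates keys per application.
AUTOGEN_WEB_CONFIG = """<configuration>
  <system.web>
    <machineKey validationKey="AutoGenerate,IsolateApps"
                decryptionKey="AutoGenerate,IsolateApps" />
  </system.web>
</configuration>
"""

KEY_ATTRS = ("validationKey", "decryptionKey")


def find_static_machine_keys(config_xml):
    """Return one finding per machineKey attribute that holds a literal key.

    A missing attribute or an AutoGenerate value is not a finding.  A literal
    key is acceptable only if it is unique to this deployment (web farms need
    one); a literal key copied from a vendor build lets anyone holding the
    build sign and encrypt ViewState for the application.
    """
    findings = []
    for elem in ET.fromstring(config_xml).iter("machineKey"):
        for attr in KEY_ATTRS:
            value = elem.get(attr, "AutoGenerate")
            if value.startswith("AutoGenerate"):
                continue
            findings.append({"attribute": attr, "value": value,
                             "key_bytes": len(value) // 2})
    return findings


def shared_keys(config_a, config_b):
    """Attributes whose literal key value is identical in both configs.

    Run this between your deployment and any other copy (vendor image,
    backup, staging box): a shared key is what turns one leaked key into
    a working attack on every installation.
    """
    a = {f["attribute"]: f["value"] for f in find_static_machine_keys(config_a)}
    b = {f["attribute"]: f["value"] for f in find_static_machine_keys(config_b)}
    return sorted(attr for attr in a if attr in b and a[attr] == b[attr])


def generate_machine_key():
    """Fresh keys in the sizes IIS's own key generator uses:
    64 random bytes for HMACSHA256 validation, 32 for AES decryption."""
    return {"validationKey": secrets.token_hex(64).upper(),
            "decryptionKey": secrets.token_hex(32).upper(),
            "validation": "HMACSHA256", "decryption": "AES"}


def rotate_machine_key(config_xml):
    """Return the config with every machineKey replaced by new random values.

    Rotation invalidates outstanding ViewState and forms-auth tickets, so do
    it in a maintenance window, and apply the same new key to every node of
    a web farm at once.
    """
    root = ET.fromstring(config_xml)
    for elem in root.iter("machineKey"):
        for attr, value in generate_machine_key().items():
            elem.set(attr, value)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    for f in find_static_machine_keys(VULNERABLE_WEB_CONFIG):
        print(f"static {f['attribute']}: {f['key_bytes']} bytes")
    print("autogen config findings:", find_static_machine_keys(AUTOGEN_WEB_CONFIG))
    rotated = rotate_machine_key(VULNERABLE_WEB_CONFIG)
    print("keys still shared with the shipped config after rotation:",
          shared_keys(VULNERABLE_WEB_CONFIG, rotated))
```

The rotated config still contains literal keys, which is expected: the defect is not that keys are written down but that the same ones appear in every installation, which is why `shared_keys` rather than `find_static_machine_keys` is the pass/fail test after remediation.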
Addressing this vulnerability is crucial to maintaining the security and integrity of systems utilizing the USAHERDS application.