The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint Secure by Design Alert, calling on software developers and industry executives to intensify their efforts in eliminating directory traversal vulnerabilities within their products.
This move comes in response to a series of high-profile cyber-attacks that have exploited these vulnerabilities, notably CVE-2024-1708 and CVE-2024-20345, leading to significant disruptions across critical infrastructure sectors, including healthcare and public education.
https://cybersecuritynews.com/cisa-fbi- ... abilities/