<ul><li>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog.</li><li>The vulnerabilities added include CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability, CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability, and CVE-2024-21287 Oracle Agile PLM Incorrect Authorization Vulnerability.</li><li>Apple released security updates for two zero-day vulnerabilities, CVE-2024-44309 and CVE-2024-44308, which were actively exploited in the wild.</li><li>CISA orders federal agencies to fix the vulnerabilities by December 12, 2024.</li></ul>

U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog

Discover more