{"id":231319,"date":"2026-02-14T05:17:37","date_gmt":"2026-02-14T11:17:37","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/02\/cisa-flags-critical-microsoft-sccm-flaw-as-exploited-in-attacks"},"modified":"2026-02-14T05:17:37","modified_gmt":"2026-02-14T11:17:37","slug":"cisa-flags-critical-microsoft-sccm-flaw-as-exploited-in-attacks","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/02\/cisa-flags-critical-microsoft-sccm-flaw-as-exploited-in-attacks","title":{"rendered":"CISA flags critical Microsoft SCCM flaw as exploited in attacks"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/cisa-flags-critical-microsoft-sccm-flaw-as-exploited-in-attacks.jpg\"><\/a><\/p>\n<p>CISA ordered U.S. government agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.<\/p>\n<p>Microsoft Configuration Manager (also known as ConfigMgr and formerly System Center Configuration Manager, or SCCM) is an IT administration tool for managing large groups of Windows servers and workstations.<\/p>\n<p>Tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2024-43468\" target=\"_blank\" rel=\"nofollow noopener\">CVE-2024\u201343468<\/a> and reported by <a href=\"https:\/\/www.synacktiv.com\/advisories\/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections\" target=\"_blank\" rel=\"nofollow noopener\">offensive security company Synacktiv<\/a>, this SQL injection vulnerability allows remote attackers with no privileges to gain code execution and run arbitrary commands with the highest level of privileges on the server and\/or the underlying Microsoft Configuration Manager site database.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA ordered U.S. government agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks. Microsoft Configuration Manager (also known as ConfigMgr and formerly System Center Configuration Manager, or SCCM) is an IT administration tool for managing large groups of Windows servers and [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1490,1492],"tags":[],"class_list":["post-231319","post","type-post","status-publish","format-standard","hentry","category-government","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/231319","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=231319"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/231319\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=231319"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=231319"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=231319"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}