
CISA orders feds to patch actively exploited Drupal vulnerability

HackerLegend.com Threat Intelligence

Threat Overview

Drupal SQL injection vulnerability, CVE not specified, actively exploited by attackers, affects US government agencies

CISA has ordered US government agencies to patch an actively exploited SQL injection vulnerability in Drupal CMS, affecting servers that have not been updated to a secure version. The vulnerability allows attackers to inject malicious SQL code. The attack vector is the Drupal CMS itself.

Key Intelligence Points

1. The vulnerability is an SQL injection flaw in Drupal CMS.
2. The vulnerability affects Drupal versions prior to a specific patched version and is being actively exploited by attackers.
3. Attackers can inject malicious SQL code to gain unauthorized access to servers.
4. Detection opportunities include monitoring for suspicious database queries and unusual server activity.

MITRE ATT&CK Techniques

T1059.001 SQL Injection

Mitigation & Detection

Patch Drupal to the latest version to prevent exploitation of the SQL injection vulnerability.