A critical vulnerability, tracked as CVE-2021-44207, in the Acclaim Systems USAHERDS web application, which is a web based application, has been actively exploited. The vulnerability involves the use of hard-coded credentials, making it an easy target for malicious actors. CISA has added this flaw to its Known Exploited Vulnerabilities catalog. Organizations are urged to apply the necessary remediation to reduce their exposure to cyber attacks. This vulnerability allows for significant risk to the federal enterprise.