Security News > 2022 > January > CISA adds 17 vulnerabilities to list of bugs exploited in attacks
This week, the Cybersecurity and Infrastructure Security Agency added seventeen actively exploited vulnerabilities to the 'Known Exploited Vulnerabilities Catalog.
The 'Known Exploited Vulnerabilities Catalog' is a list of vulnerabilities that have been seen abused by threat actors in attacks and that are required to be patched by Federal Civilian Executive Branch agencies.
With the addition of these 17 vulnerabilities, the catalog now contains a total of 341 vulnerabilities and includes the date by which agencies must apply security updates to resolve the bug.
Of particular interest are the CVE-2021-32648 and CVE-2021-35247 vulnerabilities, which were disclosed this week to be actively exploited in attacks.
The new 'SolarWinds Serv-U Improper Input Validation' vulnerability tracked as CVE-2021-35247 was discovered by Microsoft to be exploited to propagate Log4j attacks to Windows domain controllers configured as LDAP servers.
While attacks using the Serv-U vulnerability ultimately failed, as Windows domain controllers are not vulnerable to Log4j exploits, CISA requires agencies to fix the vulnerability by February 4th, 2022.
News URL
Related news
- CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- CISA flags Craft CMS code injection flaw as exploited in attacks (source)
- CISA tags Windows, Cisco vulnerabilities as actively exploited (source)
- CISA Identifies Five New Vulnerabilities Currently Being Exploited (source)
- CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack (source)
- GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks (source)
- CISA tags NAKIVO backup flaw as actively exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-10 | CVE-2021-35247 | Unspecified vulnerability in Solarwinds Serv-U Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. | 5.3 |
| 2021-08-26 | CVE-2021-32648 | Unspecified vulnerability in Octobercms October octobercms in a CMS platform based on the Laravel PHP Framework. | 9.1 |