Security News > 2022 > February > CISA urges orgs to patch actively exploited Windows SeriousSAM bug
The U.S. Cybersecurity & Infrastructure Security Agency has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks.
CISA's warning about these vulnerabilities serves as a wake-up call to all system administrators that they need to prioritize installing security updates to protect the organization's network.
The most recent one, CVE-2021-36934, is a Microsoft Windows SAM vulnerability that allows anyone to access the Registry database files on Windows 10 and 11, extract password hashes and gain administrator privileges.
Of the older flaws, CVE-2015-2051 is a remote code execution bug affecting D-Link DIR-645 routers that continues to deliver to attackers.
CISA's list of exploited vulnerabilities is a constant reminder for organizations to deal with outdated and no longer supported hardware that is present in sensitive parts of the network since adversaries do not care how old a vulnerability is as long as it gets them in.
With the addition of the 15 flaws above, CISA's Known Exploited Vulnerabilities Catalog now lists 367 security vulnerabilities.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-22 | CVE-2021-36934 | Unspecified vulnerability in Microsoft products <p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. | 7.8 |
| 2015-02-23 | CVE-2015-2051 | Command Injection vulnerability in Dlink Dir-645 Firmware 1.03/1.04/1.04B11 The D-Link DIR-645 Wired/Wireless Router Rev. | 9.8 |