Security News > 2022 > February > CISA urges orgs to patch actively exploited Windows SeriousSAM bug

CISA urges orgs to patch actively exploited Windows SeriousSAM bug
2022-02-11 13:01

The U.S. Cybersecurity & Infrastructure Security Agency has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks.

CISA's warning about these vulnerabilities serves as a wake-up call to all system administrators that they need to prioritize installing security updates to protect the organization's network.

The most recent one, CVE-2021-36934, is a Microsoft Windows SAM vulnerability that allows anyone to access the Registry database files on Windows 10 and 11, extract password hashes and gain administrator privileges.

Of the older flaws, CVE-2015-2051 is a remote code execution bug affecting D-Link DIR-645 routers that continues to deliver to attackers.

CISA's list of exploited vulnerabilities is a constant reminder for organizations to deal with outdated and no longer supported hardware that is present in sensitive parts of the network since adversaries do not care how old a vulnerability is as long as it gets them in.

With the addition of the 15 flaws above, CISA's Known Exploited Vulnerabilities Catalog now lists 367 security vulnerabilities.


News URL

https://www.bleepingcomputer.com/news/security/cisa-urges-orgs-to-patch-actively-exploited-windows-serioussam-bug/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-07-22 CVE-2021-36934 Unspecified vulnerability in Microsoft products
<p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database.
local
low complexity
microsoft
7.8
2015-02-23 CVE-2015-2051 Command Injection vulnerability in Dlink Dir-645 Firmware 1.03/1.04/1.04B11
The D-Link DIR-645 Wired/Wireless Router Rev.
network
low complexity
dlink CWE-77
critical
9.8