Security News > 2022 > March > CISA adds 15 vulnerabilities to list of flaws exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency has added fifteen additional flaws to its list of actively exploited vulnerabilities known to be used in cyberattacks.
Since threat actors have been observed targeting these flaws in the attacks, failing to address the security issues means risking a network compromise that can lead to a catastrophic data breach or ransomware attack.
Most flaws in the new set highlighted by CISA concern privilege escalation problems on Windows, of which one, CVE-2019-0841, has a published proof-of-concept exploit that threat actors can pick up and use immediately on vulnerable systems.
The significantly older CVE-2018-8120 on Win32k was first seen exploited for attacks as a zero-day back in May 2018, but apparently, it's still valuable for threat actors.
These latest additions bring CISA's Known Exploited Vulnerabilities Catalog to a total of 504 flaws, which admins cannot ignore as they're all used by threat actors.
Organizations are advised to monitor that list and ensure they have addressed all security gaps on their systems, as adversaries don't care how old a flaw is as long as it can give them unauthorized access to the target.
News URL
Related news
- CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
- CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks (source)
- CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List (source)
- CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- CISA Adds Four Vulnerabilities to Catalog for Federal Enterprise (source)
- CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-09 | CVE-2019-0841 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. | 7.8 |
| 2018-05-09 | CVE-2018-8120 | Improper Resource Shutdown or Release vulnerability in Microsoft Windows 7 and Windows Server 2008 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. | 7.0 |