Security News > 2022 > March > CISA adds 15 vulnerabilities to list of flaws exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency has added fifteen additional flaws to its list of actively exploited vulnerabilities known to be used in cyberattacks.
Since threat actors have been observed targeting these flaws in the attacks, failing to address the security issues means risking a network compromise that can lead to a catastrophic data breach or ransomware attack.
Most flaws in the new set highlighted by CISA concern privilege escalation problems on Windows, of which one, CVE-2019-0841, has a published proof-of-concept exploit that threat actors can pick up and use immediately on vulnerable systems.
The significantly older CVE-2018-8120 on Win32k was first seen exploited for attacks as a zero-day back in May 2018, but apparently, it's still valuable for threat actors.
These latest additions bring CISA's Known Exploited Vulnerabilities Catalog to a total of 504 flaws, which admins cannot ignore as they're all used by threat actors.
Organizations are advised to monitor that list and ensure they have addressed all security gaps on their systems, as adversaries don't care how old a flaw is as long as it can give them unauthorized access to the target.
News URL
Related news
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023 (source)
- OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution (source)
- CISA warns of more Palo Alto Networks bugs exploited in attacks (source)
- CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed (source)
- CISA tags Progress Kemp LoadMaster flaw as exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-09 | CVE-2019-0841 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. | 7.8 |
| 2018-05-09 | CVE-2018-8120 | Improper Resource Shutdown or Release vulnerability in Microsoft Windows 7 and Windows Server 2008 An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. | 7.2 |