
CISA adds 15 vulnerabilities to list of flaws exploited in attacks
2022-03-16 16:14

The U.S. Cybersecurity & Infrastructure Security Agency has added fifteen additional flaws to its list of actively exploited vulnerabilities known to be used in cyberattacks.

Since threat actors have been observed targeting these flaws in attacks, failing to address them means risking a network compromise that can lead to a catastrophic data breach or ransomware attack.

Most flaws in the new set highlighted by CISA concern privilege escalation problems on Windows, of which one, CVE-2019-0841, has a published proof-of-concept exploit that threat actors can pick up and use immediately on vulnerable systems.

The significantly older CVE-2018-8120 in Win32k was first seen exploited as a zero-day back in May 2018, but it apparently remains valuable to threat actors.

These latest additions bring CISA's Known Exploited Vulnerabilities Catalog to a total of 504 flaws, which admins cannot ignore as they're all used by threat actors.

Organizations are advised to monitor that list and ensure they have addressed all security gaps on their systems, as adversaries don't care how old a flaw is as long as it can give them unauthorized access to the target.


News URL

https://www.bleepingcomputer.com/news/security/cisa-adds-15-vulnerabilities-to-list-of-flaws-exploited-in-attacks/

Related Vulnerability

DATE: 2019-04-09
CVE: CVE-2019-0841
VULNERABILITY TITLE: Link Following vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'.
local, low complexity, microsoft, CWE-59
RISK: 7.8

DATE: 2018-05-09
CVE: CVE-2018-8120
VULNERABILITY TITLE: Improper Resource Shutdown or Release vulnerability in Microsoft Windows 7 and Windows Server 2008
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.
local, high complexity, microsoft, CWE-404
RISK: 7.0