Security News > 2022 > March > CISA adds 66 vulnerabilities to list of bugs exploited in attacks

The Cybersecurity and Infrastructure Security Agency has added a massive set of 66 actively exploited vulnerabilities to its catalog of 'Known Exploited Vulnerabilities.

The new set of 66 actively exploited vulnerabilities published by CISA spans disclosure dates between 2005 and 2022, covering a broad spectrum of software and hardware types and versions.

The Mitel CVE-2022-26143 and Windows CVE-2022-21999 vulnerabilities disclosed in February are two particularly interesting bugs.

The addition of these 66 vulnerabilities at this time doesn't necessarily mean that CISA's analysts just spotted their active exploitation in the wild.

The Windows Print Spooler CVE-2022-21999 vulnerability, the Mitel DDoS CVE-2022-26143 amplification vulnerability, and the CVE-2022-26318 WatchGuard vulnerabilities were disclosed in February and were quickly exploited by threat actors.

Due to the large number of flaws comprising the latest set, CISA hasn't supplied the usual summary table, so system administrators will have to review the new entries on the catalog, which now counts a total of 570 vulnerabilities.

News URL

https://www.bleepingcomputer.com/news/security/cisa-adds-66-vulnerabilities-to-list-of-bugs-exploited-in-attacks/