CISA adds 7 vulnerabilities to list of bugs exploited in attacks (Security News, April 2022)
The U.S. Cybersecurity and Infrastructure Security Agency has added seven vulnerabilities to its list of actively exploited security issues, including those from Microsoft, Linux, and Jenkins.
The 'Known Exploited Vulnerabilities Catalog' is a list of vulnerabilities known to be actively exploited in cyberattacks and required to be patched by Federal Civilian Executive Branch agencies.
The seven new vulnerabilities were added this week, and CISA requires Federal Civilian Executive Branch agencies to patch all of them by May 16th, 2022. The three Windows entries discussed here appear in the vulnerability table at the end of this page.
The Windows 'User Profile Service Privilege Escalation' vulnerabilities tracked as CVE-2022-21919 and CVE-2022-26904 were both discovered by security researcher Abdelhamid Naceri and are successive bypasses of the patch for the original CVE-2021-34484 vulnerability, which Microsoft fixed in August 2021.
All of these vulnerabilities have had public proof-of-concept exploits disclosed, and BleepingComputer has been told that ransomware gangs use them to spread laterally through a Windows domain.
All security professionals and admins are strongly advised to review the Known Exploited Vulnerabilities Catalog and patch any of the listed vulnerabilities present in their environment.
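One way to act on that advice is to cross-reference the CVEs your vulnerability scanner reports against the KEV catalog and flag the ones with a CISA due date. The script below is an added example, not code from the article or from CISA. It parses the JSON layout CISA publishes at https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json (fields `cveID`, `vendorProject`, `product`, `vulnerabilityName`, `dateAdded`, `dueDate`, `requiredAction`); the embedded catalog excerpt is constructed for offline use and contains only the two Windows CVEs the article names, with the May 16, 2022 due date from the article and an assumed `dateAdded`. The inventory list, `KEV_URL` constant and helper names are this example's own.

```python
"""Cross-reference a CVE inventory against CISA's Known Exploited Vulnerabilities (KEV) catalog.

Added example, not code from the article or from CISA. SAMPLE_KEV_JSON is a constructed
two-entry excerpt in the layout of the real feed; CVE-2021-34484 is deliberately absent
from the excerpt, so the demo shows an inventory CVE that does not match.
"""
import json
from datetime import date
from urllib.request import urlopen

# Real feed location (network access needed; the offline demo below never fetches it).
KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"

# Constructed excerpt. Due date is from the article; dateAdded and catalogVersion are assumed.
SAMPLE_KEV_JSON = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "2022.04.15",
    "count": 2,
    "vulnerabilities": [
        {"cveID": "CVE-2022-26904", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Microsoft Windows User Profile Service Privilege Escalation Vulnerability",
         "dateAdded": "2022-04-15", "dueDate": "2022-05-16",
         "requiredAction": "Apply updates per vendor instructions."},
        {"cveID": "CVE-2022-21919", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Microsoft Windows User Profile Service Privilege Escalation Vulnerability",
         "dateAdded": "2022-04-15", "dueDate": "2022-05-16",
         "requiredAction": "Apply updates per vendor instructions."},
    ],
})


def load_catalog(raw_json: str) -> dict:
    """Parse KEV JSON text into {CVE-ID: entry}; IDs are upper-cased for case-insensitive lookup."""
    data = json.loads(raw_json)
    return {entry["cveID"].upper(): entry for entry in data["vulnerabilities"]}


def fetch_live_catalog(url: str = KEV_URL) -> dict:
    """Download and parse the current catalog (requires network access)."""
    with urlopen(url, timeout=30) as resp:
        return load_catalog(resp.read().decode("utf-8"))


def find_kev_hits(catalog: dict, inventory: list, today: date) -> list:
    """Return inventory CVEs that appear in the catalog, soonest due date first.

    Inventory IDs are normalised (whitespace stripped, upper-cased, de-duplicated) so that
    scanner output in mixed case is matched correctly. Each hit carries the due date,
    days remaining (negative when past due) and an overdue flag.
    """
    hits = []
    for cve in sorted({c.strip().upper() for c in inventory}):
        entry = catalog.get(cve)
        if entry is None:
            continue  # not in the catalog: still worth patching, but no CISA due date applies
        due = date.fromisoformat(entry["dueDate"])
        hits.append({
            "cve": cve,
            "name": entry["vulnerabilityName"],
            "due": due,
            "days_left": (due - today).days,
            "overdue": today > due,
            "action": entry["requiredAction"],
        })
    hits.sort(key=lambda h: (h["due"], h["cve"]))
    return hits


if __name__ == "__main__":
    # Constructed scanner output: two CVEs in the excerpt, one (CVE-2021-34484) not in it.
    inventory = ["cve-2022-26904", "CVE-2022-21919", "CVE-2021-34484"]
    for hit in find_kev_hits(load_catalog(SAMPLE_KEV_JSON), inventory, date(2022, 5, 1)):
        status = "OVERDUE" if hit["overdue"] else f"{hit['days_left']} days left"
        print(f"{hit['cve']}: {hit['name']} (due {hit['due']}, {status}) -> {hit['action']}")
```

To run it against the live feed, replace `load_catalog(SAMPLE_KEV_JSON)` with `fetch_live_catalog()` and feed in the CVE column exported from your scanner; CVEs that are absent from the catalog are not reported, so treat the output as a prioritisation list rather than a complete patch backlog.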
Related Vulnerabilities
DATE | CVE | WEAKNESS | VULNERABILITY TITLE | RISK (CVSS SCORE)
---|---|---|---|---
2022-04-15 | CVE-2022-26904 | Race condition | Microsoft Windows User Profile Service Elevation of Privilege Vulnerability | 7.0
2022-01-11 | CVE-2022-21919 | Link following | Microsoft Windows User Profile Service Elevation of Privilege Vulnerability | 7.0
2021-08-12 | CVE-2021-34484 | Unspecified | Microsoft Windows User Profile Service Elevation of Privilege Vulnerability | 7.8