Security News > 2022 > April > CISA adds 7 vulnerabilities to list of bugs exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency has added seven vulnerabilities to its list of actively exploited security issues, including those from Microsoft, Linux, and Jenkins.
The 'Known Exploited Vulnerabilities Catalog' is a list of vulnerabilities known to be actively exploited in cyberattacks and required to be patched by Federal Civilian Executive Branch agencies.
The seven new vulnerabilities added this week are listed below, with CISA requiring all of them to be patched by May 16th, 2022.
The Windows 'User Profile Service Privilege Escalation' vulnerabilities tracked as CVE-2022-21919 and CVE-2022-26904 were both discovered by Abdelhamid Naceri and are subsequent bypasses of an original CVE-2021-34484 vulnerability fixed in August 2021.
All of these vulnerabilities have had public PoC exploited disclosed, and BleepingComputer has been told that ransomware gangs use them to spread laterally through a Windows domain.
It is strongly recommended that all security professionals and admins review the Known Exploited Vulnerabilities Catalog and patch any within their environment.
News URL
Related news
- CISA tags Windows, Cisco vulnerabilities as actively exploited (source)
- CISA Identifies Five New Vulnerabilities Currently Being Exploited (source)
- CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack (source)
- GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks (source)
- CISA tags NAKIVO backup flaw as actively exploited in attacks (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-15 | CVE-2022-26904 | Race Condition vulnerability in Microsoft products Windows User Profile Service Elevation of Privilege Vulnerability | 0.0 |
| 2022-01-11 | CVE-2022-21919 | Link Following vulnerability in Microsoft products Windows User Profile Service Elevation of Privilege Vulnerability | 0.0 |
| 2021-08-12 | CVE-2021-34484 | Unspecified vulnerability in Microsoft products Windows User Profile Service Elevation of Privilege Vulnerability | 0.0 |