June 9, 2023

The US CISA announced that it has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog.

The newly added flaws one affecting SonicWall SonicOS and 14 impacting Microsoft Windows – are older issues, some of them having been patched for more than half a decade.

Advertisements

The SonicOS security hole CVE-2020-5135 can be exploited for DoS attacks and arbitrary code execution. The Windows flaws patched between 2016 and 2019 can all lead to privilege escalation.

CISA is asking federal agencies to address the newly flagged security defects by April 5, which is surprising, given that previously organizations were given half a year to resolve older flaws.

Although CISA created the Known Exploited Vulnerabilities Catalog to help federal agencies with their vulnerability management operations, all organizations are advised to review the list and address the identified flaws as soon as possible.

Tags:

Leave a Reply

You may have missed

ACT Government Victim of Barracuda ESG Vulnerability

ACT Government Victim of Barracuda ESG Vulnerability

June 9, 2023
Anonymous Sudan Claims Responsible for Outlook Outages

Anonymous Sudan Claims Responsible for Outlook Outages

June 9, 2023
Visual Studio Bug Results in Takeover

Visual Studio Bug Results in Takeover

June 8, 2023
Cisco Fixes Secure Client Security Flaw

Cisco Fixes Secure Client Security Flaw

June 8, 2023
CISA Releases Guidelines on RMM

CISA Releases Guidelines on RMM

June 8, 2023
CrowdStrike Platform Enhancements

CrowdStrike Platform Enhancements

June 8, 2023
%d bloggers like this: