December 3, 2023

The US CISA announced that it has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog.

The newly added flaws one affecting SonicWall SonicOS and 14 impacting Microsoft Windows – are older issues, some of them having been patched for more than half a decade.

Advertisements

The SonicOS security hole CVE-2020-5135 can be exploited for DoS attacks and arbitrary code execution. The Windows flaws patched between 2016 and 2019 can all lead to privilege escalation.

CISA is asking federal agencies to address the newly flagged security defects by April 5, which is surprising, given that previously organizations were given half a year to resolve older flaws.

Although CISA created the Known Exploited Vulnerabilities Catalog to help federal agencies with their vulnerability management operations, all organizations are advised to review the list and address the identified flaws as soon as possible.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2023

December 2, 2023

Staples affected by a Cyber Attack

December 2, 2023

CISA KEV Update Part I – December 2023

December 1, 2023 2

Dollar Tree Affected by a Third Party Breach

December 1, 2023

Apple Patches iOS zerodays – CVE-2023-42916 and CVE-2023-42917

December 1, 2023

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023
%d bloggers like this: