October 2, 2022

TheCyberThrone

Thinking Security ! Always

CISA Adds Seven vulnerabilities to Known Exploited Catalog

The U.S. CISA has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, including flaws affecting Microsoft, Linux, WSO2, and Jenkins systems

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Advertisements

The list of vulnerabilities added by CISA to the catalog includes a remote code execution issue (WSO2), privilege escalation flaws in Microsoft/Linux, and a Sandbox Bypass Vulnerability (Jenkins).

Below is the complete list of flaws added by CISA to its catalog in the latest turn:

Known Exploited Vulnerabilities Catalog

The catalog now contains 654 vulnerabilities, including the date that federal agencies must apply the associated patches and security updates.The above issues have to be addressed by federal agencies by May 16, 2022.

%d bloggers like this: