CISA – Known Exploited Catalog Update – May 2022
Share this:
The CISA has added 41 flaws to its Known Exploited Vulnerabilities Catalog, including recently addressed issues in the Android kernel (CVE-2021-1048 and CVE-2021-0920) and Cisco IOS XR (CVE-2022-20821).
The Cisco IOS XR flaw tracked as (CVE-2022-20821, with a CVSS score: of 6.5, is actively exploited in attacks in the wild, it resides in the health check RPM of Cisco IOS XR Software. An unauthenticated, remote attacker could trigger the issue to access the Redis instance that is running within the NOSi container.
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies must address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Some of the flaws added to the catalog in this turn are dated back to 2016, such as the issues affecting Apple (CVE-2016-4655, CVE-2016-4656, CVE-2016-4657), Microsoft (CVE-2016-0162, CVE-2016-3351, CVE-2016-3298) and Cisco Devices (CVE-2016-6366, CVE-2016-6367).
Other issues impact Google, Mozilla, Facebook, Adobe, and Webkit GTK software products, the vulnerabilities range from 2018 to 2021. Some of the issues have to be addressed by federal agencies by June 13, 2022, while the others need to be fixed by June 14, 2022.
Exploit list added to the Catalog
| CVE | Vendor/Project | Product | Vulnerability Name |
| CVE-2018-8611 | Microsoft | Windows | Microsoft Windows Kernel Privilege Escalation Vulnerability |
| CVE-2018-19953 | QNAP | Network Attached Storage (NAS) | QNAP NAS File Station Cross-Site Scripting Vulnerability |
| CVE-2018-19949 | QNAP | Network Attached Storage (NAS) | QNAP NAS File Station Command Injection Vulnerability |
| CVE-2018-19943 | QNAP | Network Attached Storage (NAS) | QNAP NAS File Station Cross-Site Scripting Vulnerability |
| CVE-2017-0147 | Microsoft | SMBv1 server | Microsoft Windows SMBv1 Information Disclosure Vulnerability |
| CVE-2017-0022 | Microsoft | XML Core Services | Microsoft XML Core Services Information Disclosure Vulnerability |
| CVE-2017-0005 | Microsoft | Windows | Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability |
| CVE-2017-0149 | Microsoft | Internet Explorer | Microsoft Internet Explorer Memory Corruption Vulnerability |
| CVE-2017-0210 | Microsoft | Internet Explorer | Microsoft Internet Explorer Privilege Escalation Vulnerability |
| CVE-2017-8291 | Artifex | Ghostscript | Artifex Ghostscript Type Confusion Vulnerability |
| CVE-2017-8543 | Microsoft | Windows | Microsoft Windows Search Remote Code Execution Vulnerability |
| CVE-2017-18362 | Kaseya | Virtual System/Server Administrator (VSA) | Kaseya VSA SQL Injection Vulnerability |
| CVE-2016-0162 | Microsoft | Internet Explorer | Microsoft Internet Explorer Information Disclosure Vulnerability |
| CVE-2016-3351 | Microsoft | Internet Explorer and Edge | Microsoft Internet Explorer and Edge Information Disclosure Vulnerability |
| CVE-2016-4655 | Apple | iOS | Apple iOS Information Disclosure Vulnerability |
| CVE-2016-4656 | Apple | iOS | Apple iOS Memory Corruption Vulnerability |
| CVE-2016-4657 | Apple | iOS | Apple iOS Webkit Memory Corruption Vulnerability |
| CVE-2016-6366 | Cisco | Adaptive Security Appliance (ASA) | Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability |
| CVE-2016-6367 | Cisco | Adaptive Security Appliance (ASA) | Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability |
| CVE-2016-3298 | Microsoft | Internet Explorer | Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability |
| CVE-2022-20821 | Cisco | IOS XR | Cisco IOS XR Open Port Vulnerability |
| CVE-2021-1048 | Android | Kernel | Android Kernel Use-After-Free Vulnerability |
| CVE-2021-0920 | Android | Kernel | Android Kernel Race Condition Vulnerability |
| CVE-2021-30883 | Apple | Multiple Products | Apple Multiple Products Memory Corruption Vulnerability |
| CVE-2020-1027 | Microsoft | Windows | Microsoft Windows Kernel Privilege Escalation Vulnerability |
| CVE-2020-0638 | Microsoft | Update Notification Manager | Microsoft Update Notification Manager Privilege Escalation Vulnerability |
| CVE-2019-7286 | Apple | Multiple Products | Apple Multiple Products Memory Corruption Vulnerability |
| CVE-2019-7287 | Apple | iOS | Apple iOS Memory Corruption Vulnerability |
| CVE-2019-0676 | Microsoft | Internet Explorer | Microsoft Internet Explorer Information Disclosure Vulnerability |
| CVE-2019-5786 | Chrome | Google Chrome Use-After-Free Vulnerability | |
| CVE-2019-0703 | Microsoft | Windows | Microsoft Windows SMB Information Disclosure Vulnerability |
| CVE-2019-0880 | Microsoft | Windows | Microsoft Windows Privilege Escalation Vulnerability |
| CVE-2019-13720 | Chrome | Google Chrome Use-After-Free Vulnerability | |
| CVE-2019-11707 | Mozilla | Firefox and Thunderbird | Mozilla Firefox and Thunderbird Type Confusion Vulnerability |
| CVE-2019-11708 | Mozilla | Firefox and Thunderbird | Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability |
| CVE-2019-8720 | WebKitGTK | WebKitGTK | WebKitGTK Memory Corruption Vulnerability |
| CVE-2019-18426 | Meta Platforms | WhatsApp Cross-Site Scripting Vulnerability | |
| CVE-2019-1385 | Microsoft | Windows | Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability |
| CVE-2019-1130 | Microsoft | Windows | Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability |
| CVE-2018-5002 | Adobe | Flash Player | Adobe Flash Player Stack-based Buffer Overflow Vulnerability |
| CVE-2018-8589 | Microsoft | Win32k | Microsoft Win32k Privilege Escalation Vulnerability |
