
The U.S. CISA added 12 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including four vulnerabilities in D-Link routers, two Chrome zero-day issues, and a recently disclosed flaw in the QNAP Photo Station.
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies must address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Advertisements
All private organizations review the Catalog and address the vulnerabilities in their infrastructure.
CVE ID | OEM | Product | Due Date |
CVE-2022-3075 | Chromium | 29-09-2022 | |
CVE-2022-28958 | D-Link | DIR-816L | 29-09-2022 |
CVE-2022-27593 | QNAP | Photo Station | 29-09-2022 |
CVE-2022-26258 | D-Link | DIR-820L | 29-09-2022 |
CVE-2020-9934 | Apple | iOS, iPadOS, and macOS | 29-09-2022 |
CVE-2018-7445 | MikroTik | RouterOS | 29-09-2022 |
CVE-2018-6530 | D-Link | Multiple Routers | 29-09-2022 |
CVE-2018-2628 | Oracle | WebLogic Server | 29-09-2022 |
CVE-2018-13374 | Fortinet | FortiOS and FortiADC | 29-09-2022 |
CVE-2017-5521 | NETGEAR | Multiple Devices | 29-09-2022 |
CVE-2011-4723 | D-Link | DIR-300 Router | 29-09-2022 |
CVE-2011-1823 | Android | Android OS | 29-09-2022 |