Stuxnet added to CISA Catalog

The U.S. CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog and given October 6th, 2022 as a deadline

Below is the list of vulnerabilities added to the catalog:

• CVE-2022-40139: Trend Micro Apex One and Apex One as a Service – Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.
• CVE-2013-6282: Linux Kernel get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation.
• CVE-2013-2597 Code Aurora audio calibration database (acdb) audio driver contains a stack-based buffer overflow vulnerability which allows for privilege escalation. Code Aurora is used in third-party products such as Qualcomm and Android.
• CVE-2013-2596 Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability which allows for privilege escalation.
• CVE-2013-2094 Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation.
• CVE-2010-2568 Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.

From the list, only the CVE-2022-40139  is a vulnerability publicly disclosed this year, it is an Improper Validation Vulnerability affecting Trend Micro’s Apex One platform.

The older issue added to the catalog is the CVE-2010-2568 which is the issue used in the Stuxnet attack.