CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2023-7024 Google Chromium WebRTC Heap Buffer Overflow Vulnerability
- CVE-2023-7101 Spreadsheet::ParseExcel Remote Code Execution Vulnerability
Advertisements
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
The due date is set as January 23,2024, for remediation, and it’s applicable for government and federal agencies