Advertisements
The US CISA has added below vulnerabilities to its Known exploited vulnerabilities catalog based on the evidence of active exploitation
The vulnerability with a CVSS score of 7.8, Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory.
The vulnerability with a CVSS score of 9.8, Microsoft Windows Management Console contains unspecified vulnerability that allows for remote code execution.
The vulnerability with a CVSS score of 9.0, Microsoft Windows MSHTML Platform contains an unspecified spoofing vulnerability which can lead to a loss of confidentiality.
CISA has set 29th October 2024 as deadline for the federal agencies to remediate.
