CISA Adds 15 Known Exploited Vulnerabilities, Expert Weighs In

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

100 vulnerabilities

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen additional flaws to its list of actively exploited vulnerabilities known to be used in cyberattacks. CISA is giving federal agencies a deadline of April 5, 2022, to apply the available security updates …

Description Patch Deadline

SonicWall SonicOS Buffer Overflow Vulnerability 4/5/2022

Microsoft Windows UPnP Service Privilege Escalation Vulnerability 4/5/2022

Microsoft Windows Privilege Escalation Vulnerability 4/5/2022

Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability 4/5/2022

Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability 4/5/2022

Microsoft Windows AppXSVC Privilege Escalation Vulnerability 4/5/2022

Some of these vulns keep cropping up: Admins of SonicWall VPNs had to patch them again, even after a PoC was already in the wild. CISA’s catalog of Known Exploited Vulnerabilities now totals 504 flaws, all of which have been seen in use by attackers.

About the Author

ISBuzz Team

The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

Working With Us

Write For Us

The Pages