CISA Adds 15 Known Exploited Vulnerabilities, Expert Weighs In

By ISBuzz Team
Writer, Information Security Buzz | Mar 18, 2022 08:54 am PST

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen more flaws to its list of vulnerabilities known to be actively exploited in cyberattacks. CISA is giving federal agencies a deadline of April 5, 2022, to apply the available security updates …

Description                                                                   Patch Deadline
SonicWall SonicOS Buffer Overflow Vulnerability                               4/5/2022
Microsoft Windows UPnP Service Privilege Escalation Vulnerability             4/5/2022
Microsoft Windows Privilege Escalation Vulnerability                          4/5/2022
Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability  4/5/2022
Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability   4/5/2022
Microsoft Windows AppXSVC Privilege Escalation Vulnerability                  4/5/2022

Some of these vulnerabilities keep cropping up: admins of SonicWall VPNs had to patch them again, even after a PoC was already in the wild. CISA’s catalog of Known Exploited Vulnerabilities now totals 504 flaws, all of which have been seen in use by attackers.

Rajiv Pimplaskar
March 18, 2022 4:54 pm

Unpatched or legacy VPN clients present a major attack vector for bad actors who can utilize these vulnerabilities to infiltrate the network, escalate their privileges and conduct lateral movement. Also, legacy VPNs have the problem of being static with point-to-point data flows where both the control header and the payload information follow the same predictable traffic pattern. This can make critical users, resources as well as sensitive data easy to detect as well as intercept for replay attacks or future analysis. With the growing involvement of nation-state threat actors, corporations and governments should embrace a true zero trust strategy that extends past the underlying infrastructure with managed attribution and additional security for sensitive communications.

Last edited 1 year ago by Rajiv Pimplaskar
