CISA Updates Its List Of Exploited Flaws

Share post:

CISA has updated its list of known exploited vulnerabilities with 15 new security issues and is asking federal agencies to identify and fix the security issues in their systems.

Of the 15 flaws, four are from 2021 and one is from 2020. The rests are flaws from more than two years ago and the oldest is from 2013.

The 2021 flaws include VMware vCenter Server Improper Access Control Vulnerability (CVE-2021-22017), Hikvision Improper Input Validation Vulnerability (CVE-2021-36260), FatPipe WARP, IPVPN, and MPVPN Privilege Escalation vulnerability (CVE-2021-27860).

2020 bugs include Google Chrome before 81.0.4044.92 Use-After-Free Vulnerability CVE-2020-6572.

The 2019 flaws include Microsoft Win32K Elevation of Privilege Vulnerability (CVE-2019-1458), Elastic Kibana Remote Code Execution Vulnerability (CVE-2019-7609), Oracle WebLogic Server, Injection Vulnerability (CVE-2019-2725), Synacor Zimbra Collaboration Suite Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-9670), Exim Mail Transfer Agent (MTA) Improper Input Validation Vulnerability (CVE-2021-10149), and Palo Alto Networks PAN-OS Remote Code Execution Vulnerability (CVE-2019-1579).

For more information, read the original story in BleepingComputer.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, March 1, 2024

This episode features a discussion on how hard it is to kill a ransomware gang, Canada's proposed new online harms bill, why organizations still allow staff to use vulnerable software

Healthcare sector “stretched thin” in fight against cyber attacks warns CSO of Health-ISAC

In an interview Errol Weiss talks about the challenges facing hospitals a

Cyber Security Today, March 1, 2024 – Warnings to GitHub users and Ivanti gateway administrators, and more

This episode reports on a recommendation that enterprises drop Ivanti Policy Secure and Connect Secure devices because threat actors can get around mitigations for recent vulne

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways