CISA adds 8 vulnerabilities to list of actively exploited bugs

The US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to its catalog of exploited vulnerabilities known to be used in attacks, and they are a mix of old and new.

The purpose of publishing these vulnerabilities is to raise awareness and remind federal organizations of their obligation to apply security updates within a strictly specified time frame.

As all vulnerabilities in the catalog are exploited in current active threats and cyberattacks, they pose a significant risk to organizations, allowing takeover of mobile devices, network access, and remote command execution.

The eight vulnerabilities added by CISA last week are listed below:

| CVE ID | Description | Patch deadline |
|---|---|---|
| CVE-2022-22587 | Apple IOMobileFrameBuffer Memory Corruption Vulnerability | 02/11/2022 |
| CVE-2021-20038 | SonicWall SMA 100 Appliance Stack-Based Buffer Overflow Vulnerability | 02/11/2022 |
| CVE-2014-7169 | GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability | 07/28/2022 |
| CVE-2014-6271 | GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability | 07/28/2022 |
| CVE-2020-0787 | Microsoft Windows Background Intelligent Transfer Service (BITS) Incorrect Privilege Management Vulnerability | 07/28/2022 |
| CVE-2014-1776 | Microsoft Internet Explorer Use-After-Free Vulnerability | 07/28/2022 |
| CVE-2020-5722 | Grandstream Networks UCM6200 Series SQL Injection Vulnerability | 07/28/2022 |
| CVE-2017-5689 | Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability | 07/28/2022 |

The most recent vulnerability, CVE-2022-22587, was discovered in 2022 and is a memory corruption flaw in IOMobileFrameBuffer affecting iOS, iPadOS and macOS “Monterey”.

Apple released a security update to fix the zero-day last Wednesday, warning that it is being actively exploited in attacks. Due to the potential impact of this vulnerability on mass-market devices, CISA has given federal agencies until February 11, 2022 to apply security updates.

CISA has also added the CVE-2021-20038 vulnerability affecting SonicWall SMA 100 appliances after malicious actors were discovered to be actively seeking and attempting to exploit the vulnerability. As a result, CISA is also requiring agencies to fix this bug by February 11, 2022.

Among the oldest flaws, CVE-2014-6271 is of particular importance as a reliable long-term intrusion channel for adversaries.

It resurfaced through the “Sea Turtle” campaign, which ran between 2017 and 2019, as part of a set of flaws exploited in sophisticated DNS hijacking attacks on a global scale.

It seems that many system administrators still struggle in practice to apply the patches almost eight years after they were first made public.

With the addition of these eight vulnerabilities, there are now a total of 351 exploited vulnerabilities listed in CISA’s Catalog of Known Exploited Vulnerabilities.
