Vulnerabilities to the Known Exploited Catalog
As a security researcher, I have been a keen follower of CISA’s list of Known Exploited vulnerabilities, and it was fascinating to see just how much work has gone into creating it. Although many of the flaws listed are not brand-new, some were published several years ago, and some were disclosed over a decade ago. It is important to understand that even though the list of vulnerabilities is constantly growing, many of the flaws have not been patched.
On Wednesday, the U.S. Cybersecurity and Infrastructure Security Agency released a list of more than seventy vulnerabilities, all of which pose a significant risk. Moreover, these vulnerabilities are actively being exploited, increasing the risk of a cyber attack. As such, CISA has issued a mandatory patching deadline for federal civilian agencies to address these flaws.
This is good news for security professionals, but it does not mean that organizations should ignore these vulnerabilities. The CISA has also added a list of seventy-five more vulnerabilities to its catalog, and encourages all organizations to use it as a starting point in vulnerability management. This will help mitigate these flaws and keep them from being exploited by threat actors.
Another notable vulnerability is CVE-2022-34713, a remote code execution vulnerability that affects the Windows Support Diagnostic Tool. Attackers can trigger this vulnerability by tricking a victim into opening specially crafted files. As a result, attackers could make a malicious file execute arbitrary code. It is also known as the “Dogwalk” vulnerability.
CISA Adds 75 Vulnerabilities to the Known Exploited Catalog
CISA’s advisory also includes several critical flaws in popular vehicle GPS trackers. A successful exploitation could allow remote actors to control the vehicle’s fuel supply and control. In addition, there is an advisory for the MiCODUS MV720 Global Positioning System Tracker. The known exploited vulnerabilities catalog could allow remote actors to track the movements of cars and other objects.
In a joint cybersecurity advisory, the CISA, Australian Cyber Security Centre, and FBI have identified the top CVEs that cyber actors will exploit in 2020 and 2021. These vulnerabilities are dated and widely available, and organizations should apply patches to minimize the risks. Implementing a centralized patch management system is also recommended to mitigate any exploits. This is just one of the latest in an ongoing effort to secure the world’s network.
The FBI has also released a report on the Ranzy Locker cyber attack. This attack began targeting the United States in late 2020. In addition to this new CVE, Microsoft published a blog on NOBELIUM attacks. Users and administrators should review these updates immediately to minimize their risks of severe business degradation. The CISA also encourages critical infrastructure owners to read their Rising Ransomware Threat to OT Assets fact sheet to learn about mitigation measures.