The Cybersecurity and Infrastructure Security Agency (CISA) has added 7 vulnerabilities to its Known Exploited Vulnerabilities Catalog.
An attacker could exploit these vulnerabilities to take over impacted systems.
The most recent vulnerabilities added to the catalog include those affecting Trend Micro, Sophos, Windows, QNAP, Dell, and Dasan products:
| CVE # | Vulnerability Name |
|---|---|
| CVE-2022-26871 | Trend Micro Apex Central Arbitrary File Upload Vulnerability |
| CVE-2022-1040 | Sophos Firewall Authentication Bypass Vulnerability |
| CVE-2021-34484 | Microsoft Windows User Profile Service Privilege Escalation Vulnerability |
| CVE-2021-28799 | QNAP NAS Improper Authorization Vulnerability |
| CVE-2021-21551 | Dell dbutil Driver Insufficient Access Control Vulnerability |
| CVE-2018-10562 | Dasan GPON Routers Command Injection Vulnerability |
| CVE-2018-10561 | Dasan GPON Routers Authentication Bypass Vulnerability |
Of special note, Trend Micro released a security advisory on March 30, 2022 for the High severity Arbitrary File Upload vulnerability CVE-2022-26871 (CVSS score 8.6) in Apex Central products.
On March 25, 2022, Sophos fixed a Critical authentication bypass vulnerability CVE-2022-1040 (CVSS score 9.8) that affects the User Portal and Webadmin of Sophos Firewall. An attacker could exploit this issue and execute code remotely.
Moreover, another notable vulnerability added to the Catalog is the Dell dbutil driver vulnerability CVE-2021-21551.
In May of last year, security researchers from SentinelLabs disclosed the BIOS driver privilege escalation flaw CVE-2021-21551, which exposed hundreds of millions of Dell computers. A bad actor with local access could exploit it to escalate to kernel-mode privileges.
“Since 2009, Dell has released hundreds of millions of Windows devices worldwide which contain the vulnerable driver,” Kasif Dekel of SentinelLabs wrote in a blog post.
Finally, QNAP Systems, Inc. (QNAP) issued a statement last April warning users to immediately update and run malware scans on QNAP NAS devices after recent reports of ransomware attacks involving Qlocker and eCh0raix.
According to research reports at that time, attackers likely exploited the QNAP Improper Authorization Vulnerability in HBS 3 Hybrid Backup Sync CVE-2021-28799, as well as a SQL Injection Vulnerability in Multimedia Console and the Media Streaming Add-On CVE-2020-36195.
Readers can check out the most recent CISA post of March 31, 2022, as well as the 32 exploited vulnerabilities added earlier last week, in the complete Known Exploited Vulnerabilities Catalog.