CISA adds 75 vulnerabilities to Known Exploited Vulnerabilities Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has added more than 75 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Cisco, Microsoft, Adobe, Oracle, Linux vulnerabilities and more.

An attacker could exploit these vulnerabilities to take control of impacted systems.

Many of the vulnerabilities were older ranging from 2010 to 2019, but one of the noteworthy vulnerabilities that were more recently patched include a Cisco IOS XR Open Port Vulnerability CVE-2022-20821.

“A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container,” Cisco wrote in the advisory.

The Cisco issue was patched on May 20, 2022.

Moreover, two 2021 Android Kernel vulnerabilities (CVE-2021-1048 and CVE-2021-0920) and an Apple memory corruption vulnerability (CVE-2021-30883) that affects multiple Apple products were also added to the CISA exploit catalog.

The recently added exploits include 34 posted on May 25, 2022, 20 added on May 24 and another 21 previously added on May 24, 2022.

Related Articles