CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include Windows and Samsung vulnerabilities)

The Cybersecurity and Infrastructure Security Agency (CISA) has added seven (7) vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Microsoft Windows and Samsung vulnerabilities.

CISA warned “these types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.”

As a result, these vulnerabilities have been added to the Catalog based on evidence of active exploitation.

Microsoft Windows

CISA added four (4) Windows zero-day vulnerabilities to the Known Exploited Vulnerabilities Catalog, which Microsoft patched as part of its November 2022 Security Updates on November 8, 2022:

  • CVE-2022-41073: Windows Print Spooler Elevation of Privilege Vulnerability (CVSS 7.8)
  • CVE-2022-41091: Windows Mark of the Web Security Feature Bypass Vulnerability (CVSS 5.4)
  • CVE-2022-41125: Windows CNG Key Isolation Service Elevation of Privilege Vulnerability (CVSS 7.8)
  • CVE-2022-41128: Windows Scripting Languages Remote Code Execution Vulnerability (CVSS 8.8).

Microsoft warned that exploits for all four of these vulnerabilities have been detected in the wild.

It is also noteworthy that Microsoft addressed two other zero-day vulnerabilities, known as “ProxyNotShell,” in November’s Patch Tuesday release.

Samsung

CISA also added three (3) Samsung vulnerabilities to the list of Exploited Vulnerabilities:

  • CVE-2021-25337: Samsung Mobile Devices Improper Access Control Vulnerability (CVSS 7.1)
  • CVE-2021-25369: Samsung Mobile Devices Improper Access Control Vulnerability (CVSS 5.5)
  • CVE-2021-25370: Samsung Mobile Devices Memory Corruption Vulnerability (CVSS 4.4).

The most severe of the two issues affecting Samsung devices (CVE-2021-25337) is an improper access control vulnerability in the clipboard service that allows untrusted applications to read or write arbitrary files.

Each of the above Samsung vulnerabilities can be chained with the other two vulnerabilities.
