CISA has added eight new vulnerabilities to its Known Exploited
Vulnerabilities Catalog, based on evidence of active exploitation. These
types of vulnerabilities are a frequent attack vector for malicious cyber
actors and pose significant risk to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of
Known Exploited Vulnerabilities established the Known Exploited
Vulnerabilities Catalog as a living list of known CVEs that carry significant
risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate
identified vulnerabilities by the due date to protect FCEB networks against
active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all
organizations to reduce their exposure to cyberattacks by prioritizing timely
remediation of Catalog vulnerabilities as part of their vulnerability
management practice. CISA will continue to add vulnerabilities to the Catalog
that meet the meet the specified criteria.
1. WatchGuard Firebox and XTM Privilege Escalation Vulnerability
CVE-2022-23176: WatchGuard Firebox and XTM appliances allow a remote attacker
with unprivileged credentials to access the system with a privileged
management session via exposed management access. This vulnerability impacts
Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x
before 12.5.7_U3.
2. Microsoft Active Directory Domain Services Privilege Escalation
Vulnerability
Microsoft Active Directory Domain Services contains an unspecified
vulnerability which allows for privilege escalation.
CVE-2021-42287: Active Directory Domain Services Elevation of Privilege
Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282,
CVE-2021-42291.
3. Microsoft Active Directory Domain Services Privilege Escalation
Vulnerability
Microsoft Active Directory Domain Services contains an unspecified
vulnerability which allows for privilege escalation.
CVE-2021-42278: Active Directory Domain Services Elevation of Privilege
Vulnerability This CVE ID is unique from CVE-2021-42282, CVE-2021-42287,
CVE-2021-42291.
4. Google Pixel Out-of-Bounds Write Vulnerability
CVE-2021-39793: Google Pixel contains a possible out-of-bounds write due
to a logic error in the code that could lead to local escalation of privilege.
5. Checkbox Survey Deserialization of Untrusted Data Vulnerability
CVE-2021-27852: Deserialization of Untrusted Data vulnerability in
CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker
to execute arbitrary code.
6. Linux Kernel Privilege Escalation Vulnerability
CVE-2021-22600: Linux Kernel contains a flaw in the packet socket
(AF_PACKET) implementation which could lead to incorrectly freeing memory. A
local user could exploit this for denial-of-service or possibly for privilege
escalation.
7. QNAP Network-Attached Storage (NAS) Command Injection Vulnerability
CVE-2020-2509: QNAP NAS devices contain a command injection vulnerability
which could allow attackers to perform remote code execution.
8. Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability
CVE-2017-11317: Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX
allows remote attackers to perform arbitrary file uploads or execute arbitrary
code.
Source:
