Updated on 2022-12-15: KEV update
CISA has updated its KEV database with six new vulnerabilities that are currently being actively exploited. These include recently disclosed zero-days in Citrix, Fortinet, Windows, and iOS, but also two vulnerabilities patched earlier this year in Veeam backup solutions.
Overview: Flaws in Veeam, Microsoft, Citrix, Fortinet, and Apple Added to KEV Catalog
The US Cybersecurity and Infrastructure Security Agency (CISA) has added six flaws to its Known Exploited Vulnerabilities (KEV) Catalog. The vulnerabilities are a pair of remote code execution vulnerabilities in Veeam Backup & Replication; an authentication bypass vulnerability in Citrix Application Delivery Controller (ADC) and Gateway; a feature bypass vulnerability in Microsoft Defender SmartScreen; a heap-based buffer overflow vulnerability in Fortinet FortiOS; and a type confusion vulnerability in iOS. The first five issues have remediation deadline dates of January 3, 2023; the iOS issue has a remediation date of January 4.
- For those in the federal space, you now have targets for rolling out the updates we’ve been talking about. And yes, those dates are challenging with the holidays. The attackers are counting on us being distracted or not present so they can more easily exploit targets during this time of year, so we need to plan accordingly. Fingers crossed you can get things rolled out in the next week, to include any tune-up to your monitoring and alerting systems so you can give your staff time off.