CISA added 7 new flaws to its Known Exploited Vulnerabilities Catalog

1. CISA added 7 new flaws to its Known Exploited Vulnerabilities Catalog Exploited Vulnerabilities Catalog Exploited Vulnerabilities Catalog CISA added 7 new flaws to its Known CISA added 7 new flaws to its Known The Cybersecurity and Infrastructure Security Agency (CISA) from the U.S. added 7 latest issues to its unleashed Exploited Vulnerabilities Catalog. issues to its unleashed Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) from the U.S. added 7 latest The Cybersecurity and Infrastructure Security Agency (CISA) from the U.S. added 7 latest Researchers are always in the search for options to evade issues erupting the networks and systems that we use. So, what’s now? Did we get something new? Or is it just some daily news Pop-Ups? No, today, this news will amaze you because several flaws, in a catalog that records several flaws, in a catalog that records exploited vulnerabilities. are always in the search for options to evade issues erupting from the that we use. So, what’s now? Did we get something new? Or is it just Ups? No, today, this news will amaze you because CISA has identified from the loopholes in that we use. So, what’s now? Did we get something new? Or is it just has identified This week, CISA introduced seven new flaws other Exploited Vulnerabilities of their Vulnerability observed as CVE-2022 seven new flaws and recorded them in the records along with of their Catalog. That included a critical SAP Security 2022-22536. and recorded them in the records along with SAP Security On Thursday, CISA added a critical SAP security flaw Vulnerabilities. Moreover, that is based on the evidence of . Moreover, that is based on the evidence of active exploitation. critical SAP security flaw to its Catalog containing Exploited Exploited One of those risks got the highest rating score Vulnerability Scoring System. That is identified by SAP as part of its Patch highest rating score of severity which is 10.0 on the CVSS . That is CVE-2022-22536. On Tuesday this vulnerability Patch updates for February 2022. CVSS vulnerability was The catalog has some additional flaws included: The catalog has some additional flaws included:

2. S.No. Code Issues Apple iOS and macOS contain an out-of-bounds write vulnerability that can get access to adversaries to remotely execute code execution when running maliciously crafted web content. 1. CVE-2022-32893 Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an app to run code with kernel privileges. 2. CVE-2022-32894 Google Chrome Intents allow for insufficient validation of untrusted input, causing unknown results. CISA will update this explanation if more data becomes available. 3. CVE-2022-2856 Microsoft Windows Runtime contains an unspecified vulnerability that allows remote code execution. 4. CVE-2022-21971 5. CVE-2022-26923 A valid user could change attributes on PCA/Cs they own/ manage and keep a certificate from Active Directory Certificate Services that would

3. allow for privilege escalation to the system. Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained. 6. CVE-2017-15944

4. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of already unleashed Exploited Vulnerabilities, FCEB organizations need to identify the identified loopholes by the due date to secure their networks against attacks that exploit the flaws in the mentioned catalog.

5. Advice from Experts Private Organizations must review the Catalog and consider the loopholes in their infrastructure, and management. CISA orders federal agencies to patch these vulnerabilities by September 8, 2022. As a professional in the industry, you should be careful of the things that may worry you for a long time if avoided. Always look for the latest updates in Cyber Security Tech News. Learn, Research, and Grow! Watch more News here : https://www.news4hackers.com