CISA Adds Another 95 Flaws to its Actively Exploited Vulnerabilities Catalog
Mar 05, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week added 95 more security flaws to its Known Exploited Vulnerabilities Catalog , taking the total number of actively exploited vulnerabilities to 478. "These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise," the agency said in an advisory published on March 3, 2022. Of the 95 newly added bugs, 38 relate to Cisco vulnerabilities, 27 for Microsoft, 16 for Adobe, seven impact Oracle, and one each corresponding to Apache Tomcat, ChakraCore, Exim, Mozilla Firefox, Linux Kernel, Siemens SIMATIC CP, and Treck TCP/IP stack. Included in the list are five issues discovered in Cisco RV routers, which CISA notes are being exploited in real-world attacks. The flaws, which came to light early last month, allow for the execution of arbitrary code with root privileges. Three of the vulnerabilities – CVE-2022-20699, CVE-2022-20