CISA reports 66 actively exploited security flaws – patching available

Security flaws can be used by attack vectors and security agency wants that hackers exploit them commonly

The catalog includes old and new security vulnerabilities: 66 in total

The US Cybersecurity and Infrastructure Security Agency warned federal agencies to patch the 66 new security flaws. These findings were based on evidence of the active exploitation and danger rate.^[1]

The catalog with all of the security vulnerabilities was named Known Exploited Vulnerabilities.^[2] Bugs have been observed in real cyberattacks affecting various organizations, so the publishing should raise awareness among system administrators and officials.

The official advisory warns people about the particular risks and notes that applying particular security measures and updates is crucial here. CISA even gives particular federal agencies until April 15 to release patches for these vulnerabilities. This is the way that organizations can reduce the risks of exploitation and related cyber attacks, so there are fewer victims.^[3]

The catalog covers technology used in enterprises

These 66 security vulnerabilities include older and newer flaws in networking kits and appliances related to security. Flaws can affect devices from D-Link, Cisco, Netgear, Citrix, Palo Alto, Sophos, Zyxel, and enterprise software from Oracle, OpenBSD, VMware, and other similar developers. Also, the list includes various particular Windows bugs.^[4]

It is noted that the list covers a broad spectrum of software and hardware types, versions. These exploited flaws have been disclosed over the span of years between 2005 and 2022. CISA will continue to add particular vulnerabilities to the catalog when those flaws meet the particular criteria.

Even though these flaws mainly affect FCEB agencies, the officials urge all system administrators at various organizations to reduce the possible exposure to hackers and cyber-attacks. Remediating these identified bugs by the due date to protect against active threats is advised.

Particularly dangerous vulnerable driver bugs

The Mitel CVE-2022-26143 flaw is the one that affects the machines with a particularly vulnerable driver TP-240. Those devices include MiVoice Business Express and MiCollab. The exploited flaw allows the DDoS amplification of a record-breaking ratio – 4.3 billion to 1. The internal reflection method allows such an attack. The flaw was discovered and reported, apparently, the bug has been used in attacks.^[5]

The set also includes the Windows Print Spooler Elevation of Privilege vulnerability tracked as CVE-2022-21999. This one created major issues and is recognized as an advanced flaw. All these newer and older flaws are actively exploited in recent attack chains. They can be applied today by any of the existing hacker groups.

These malicious actors can quickly use the flaw and exploit the vulnerable machines. Even after the disclosure from vendors the exploitation is possible and can be quick. A critical issue like this needs to be patched, and administrators are urged to apply security updates as soon as possible for a reason.

CISA just last month released a list of 95 bugs and gave a month dor agencies to fix those issues. In that list also were old and new vulnerabilities. These reports should show how important it is to patch particular security flaws right away because all of these bugs from several years can be exploited in attacks right now.