CISA has included 6 vulnerabilities to its “Known Exploited Vulnerabilities Catalog” and has ordered the federal agencies to patch them with the help of vendor’s instructions.
The CISA, U.S.-based cybersecurity and infrastructure security agency has given a deadline of 6th October to the government agencies to fix the security flaws that surfaced between 2010 and 2022. CISA has instructed the federal agencies to fix the newly added security vulnerabilities as per the directive.
Exploiting the majority of the vulnerabilities that have been added to the list, gives cyber attackers local privilege escalation or admin-level access to the system, whereas the two of them permit to execution of a malicious code remotely, known as Remote Code Execution.
These vulnerabilities that were found between the stretch of 2010 and 2022 comprise the most that were identified in 2013 and were engineered as spyware – especially for getting into the social media accounts of android users by using Tizi malware.
The list of security flaws discovered in 2013 includes:
- CVE-2013-6282: it gives local privilege escalation and is used for rooting android devices.
- CVE-2013-2597: it gives local privilege escalation and is used for overflow in Code Aurora audio driver.
- CVE-2013-2596: it gives local privilege escalation and deals with Linux kernel integer overflow.
- CVE-2013-2094: it gives local privilege escalation and manages Linux kernel privilege escalation.
The CISA also added the oldest bug in KEV which was disclosed in 2010; this was the bug held responsible for spreading the Stuxnet worm, which caused a slowdown in the country’s development in the field of nuclear weapons by destroying the machines at the Natanz Uranium Enrichment Plant.
The bug found in 2010 was named CVE-2010-2568, it allows remote access to inject malicious code into the system.
The latest security issue added to the vulnerability list was identified a month ago. It was also the only security flaw found this year. The cyber attackers exploited it and affected Trend Micro Apex One and Apex one as services.
The recently identified bug was CVE-2022-40139, it was described as an improper validation issue.
The list of all of the vulnerabilities is available publically on the official website of known exploited vulnerabilities.
The directive from November 2021, “Binding operational directive 22-01”, legally states, that resolving all the vulnerabilities added by CISA and making them ‘Known Exploited Vulnerabilities’ is the responsibility of all federal civilian agencies to regulate a secure environment.
Read the full article here