The Cybersecurity and Infrastructure Security Agency (CISA) added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Three of the vulnerabilities need to be remediated by federal civilian agencies before January 24, while the rest have remediation dates of July 10.
The most urgent additions include a VMware vCenter Server Improper Access Control vulnerability, a Hikvision Improper Input Validation vulnerability and a FatPipe WARP, IPVPN, and MPVPN Privilege Escalation vulnerability.
The rest of the list includes vulnerabilities involving Google Chrome, Microsoft Win32K, Microsoft WinVerify, Elastic Kibana, Primetek Primefaces, IBM WebSphere Application Server, Exim Mail Transfer Agent, Palo Alto Networks PAN-OS, Fortinet FortiOS and FortiProxy, Synacor Zimbra and Oracle WebLogic Server.
For more such updates follow us on Google News ITsecuritywire News