CISA Adds Zoho, Qualcomm, Mikrotik Flaws to ‘Must-Patch’ List

CISA Adds Zoho_ Qualcomm_ Mikrotik Flaws to ‘Must-Patch’ List

Citing evidence of active exploitation against five specific vulnerabilities, the Cybersecurity and Infrastructure Security Agency (CISA) has warned that further delays in applying available fixes “pose a significant risk to the federal enterprise.”

Federal agencies have until December 15, 2021, to apply patches for a pair of Zoho Manage Engine ServiceDesk flaws that have been at the center of documented APT attacks over the last few months.

The CISA Known Exploited Vulnerabilities Catalog is part of a government binding directive to reduce attack surfaces and risk associated with flaws under active exploitation.

Read more: Securityweek

For more such updates follow us on Google News ITsecuritywire News