The US Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog with 15 new vulnerabilities. Since November 2021, when CISA first announced it, more than 500 security vulnerabilities have been added to the “Must-Patch” list.
The list includes Binding Operational Directive 22-01, which mandates government agencies to take immediate action to resolve the detected issues. The newly discovered vulnerabilities — one affecting SonicWall, SonicOS and 14 affecting Microsoft Windows – are older flaws, some of which have been patched for over a decade.
The SonicOS security flaw (CVE-2020-5135) can be used to launch DoS attacks and execute arbitrary code. All of the Windows issues, which were fixed between 2016 and 2019, can lead to privilege escalation.
Read More: Securityweek
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.