On June 8, 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) added 36 new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, bringing the total number of exploited bugs to 777.
This blog lists all of the DHS CISA KEVs that need to be patched this week (June 1 to June 12, 2022).
Federal agencies are expected to patch 14 known exploited vulnerabilities in the DHS CISA catalog this week, in time for the June 1 to June 12, 2022 deadline. Our analysis of these KEVs found the following:
How Far Back Do They Go?
Of the 14 KEVs, 11 CVEs are old vulnerabilities dating from 2010 to 2021, with a patch deadline of June 1 to June 12, 2022.
Which Vendors Are Affected?
The 14 CVEs with a patch deadline of June 1 to June 12, 2022 affect 13 vendors, including Apache, Atlassian, Red Hat, VMware, and Linux.
10 of the 14 KEVs with a patch due date between June 1 and June 12, 2022 fall under the Top 40 Most Dangerous Software Weaknesses and the OWASP Top 10:2021.
Table: DHS CISA KEVs
Understand the Immediate Priorities
CISA encourages organizations to reduce their exposure to cyberattacks by patching the vulnerabilities on the Known Exploited Vulnerability Catalog in a timely manner as part of their vulnerability management practices.
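The breakdown above (entries due in a window, vendors affected, how old the CVEs are) can be reproduced from the KEV catalog's JSON feed. The following is an added example, not code from the original post: it relies on the feed's `vulnerabilities`, `cveID`, `vendorProject` and `dueDate` fields, while the function names, the sample entries and their placeholder CVE IDs are constructed for illustration.

```python
import json
from collections import Counter
from datetime import date

# Constructed sample in the shape of the KEV JSON feed; the CVE IDs and
# vendor names are placeholders, not real catalog entries.
SAMPLE_FEED = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2010-XXXX1", "vendorProject": "VendorA", "dueDate": "2022-06-01"},
    {"cveID": "CVE-2021-XXXX2", "vendorProject": "VendorB", "dueDate": "2022-06-10"},
    {"cveID": "CVE-2022-XXXX3", "vendorProject": "VendorA", "dueDate": "2022-06-12"},
    {"cveID": "CVE-2019-XXXX4", "vendorProject": "VendorC", "dueDate": "2022-06-13"},
    {"cveID": "CVE-2020-XXXX5", "vendorProject": "VendorD", "dueDate": "2022-05-31"},
    {"cveID": "CVE-2018-XXXX6", "vendorProject": "VendorE", "dueDate": "TBD"},
]})


def due_in_window(feed_json, start, end):
    """Return entries whose dueDate lies in [start, end], soonest first."""
    hits = []
    for vuln in json.loads(feed_json).get("vulnerabilities", []):
        try:
            due = date.fromisoformat(vuln["dueDate"])
        except (KeyError, TypeError, ValueError):
            continue  # missing or malformed due date: cannot be scheduled
        if start <= due <= end:
            hits.append(vuln)
    return sorted(hits, key=lambda v: (v["dueDate"], v["cveID"]))


def summarize(entries, deadline_year):
    """Count entries per vendor and how many CVEs predate the deadline year."""
    years = [int(v["cveID"].split("-")[1]) for v in entries]
    return {
        "total": len(entries),
        "vendors": dict(Counter(v["vendorProject"] for v in entries)),
        "older_cves": sum(1 for y in years if y < deadline_year),
        "oldest_year": min(years, default=None),
    }


if __name__ == "__main__":
    window = due_in_window(SAMPLE_FEED, date(2022, 6, 1), date(2022, 6, 12))
    for v in window:
        print(v["dueDate"], v["cveID"], v["vendorProject"])
    print(summarize(window, 2022))
```

Entries whose due date cannot be parsed are skipped rather than guessed at, so they should be reviewed separately instead of being treated as not due.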