{"id":12145,"date":"2022-10-15T05:54:23","date_gmt":"2022-10-15T12:54:23","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&p=12145"},"modified":"2023-02-17T13:31:54","modified_gmt":"2023-02-17T20:31:54","slug":"dhs-cisa-kevs-weekly-edition-21-patch-before-you-hit-the-deadline","status":"publish","type":"patch_watch","link":"https:\/\/10.42.32.162\/patch_watch\/dhs-cisa-kevs-weekly-edition-21-patch-before-you-hit-the-deadline\/","title":{"rendered":"DHS CISA KEVs Weekly Edition 21: Patch Before You Hit the Deadline"},"content":{"rendered":"
CISA added two more vulnerabilities, CVE-2022-40684 and CVE-2022-41033, to the KEV list on Oct 11, 2022 and Oct 12, 2022, respectively. This brings the total number of vulnerabilities to 839. Based on the level of threat these CVEs pose and the trending exploits, CISA recommends that federal organizations patch the CVEs by a given date. We have covered the CVEs that need to be patched between 10-10-2022 and 21-10-2022 in the blog. Let\u2019s take a look at them.<\/p>\n
We analyzed these 5 CVEs and found that:<\/p>\n
<\/p>\n
All 5 vulnerabilities are trending this month.<\/p>\n<\/li>\n
CVE-2022-41082 is Microsoft\u2019s zero-day vulnerability. Authenticated attackers who can access PowerShell Remoting on vulnerable Exchange systems will be able to trigger RCE using CVE-2022-41082.<\/p>\n<\/li>\n
CVE-2022-3236 is a Sophos firewall vulnerability which has been targeted in exploits against specific organizations in South Asia.<\/p>\n<\/li>\n
CVE-2022-35405, a ManageEngine vulnerability, has been actively exploited since August 2022.<\/p>\n<\/li>\n<\/ul>\n
<\/p>\n
All the vulnerabilities were discovered in 2022. Except for CVE-2022-3236, all have at least one publicly available exploit. These vulnerabilities are also weaponized.<\/p>\n
<\/p>\n
Microsoft Exchange servers have been targeted recently by the LockBit ransomware gang. There are two vulnerabilities from this vendor. Similarly, Atlassian vulnerabilities are also highly exploited.<\/p>\n
<\/p>\n
Organizations must keep themselves up-to-date with these vendor advisories and upgrade their products as and when new patches are released.<\/p>\n
<\/p>\n
Patching these vulnerabilities is of high priority, as they rank high and\/or critical on the CVSS scoring scale. Exploiting such vulnerabilities will allow attackers to cause maximum damage to their victim networks.<\/p>\n
<\/p>\n
<\/p>\n
The following CWEs have caused the vulnerabilities that need to be patched this week.<\/p>\n
<\/p>\n
<\/p>\n
CVE-2022-41082 and CVE-2022-35405 do not have any CWE associated with them.<\/p>\n
<\/p>\n
Table: DHS CISA KEVs<\/strong><\/p>\n