{"id":12146,"date":"2022-11-05T05:56:57","date_gmt":"2022-11-05T12:56:57","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=12146"},"modified":"2023-02-17T13:32:09","modified_gmt":"2023-02-17T20:32:09","slug":"dhs-cisa-kevs-weekly-edition-22-patch-before-you-hit-the-deadline","status":"publish","type":"patch_watch","link":"https:\/\/10.42.32.162\/patch_watch\/dhs-cisa-kevs-weekly-edition-22-patch-before-you-hit-the-deadline\/","title":{"rendered":"DHS CISA KEVs Weekly Edition 22: Patch Before You Hit the Deadline"},"content":{"rendered":"<p dir=\"ltr\">CISA added around 10 vulnerabilities to the KEV between Oct 20, 2022 and Oct 28, 2022. They are currently being exploited by hackers. CISA recommends that Federal organizations patch these vulnerabilities by the end of this year.\u00a0 In this blog, we have covered the CVEs that need to be patched between 01-11-2022 and 10-11-2022. Let\u2019s take a look at them<\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 750px; height: 410px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-22\/patchwatch-1-3.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\">Why are these CVEs important?<\/h2>\n<p>We analyzed these 4 CVEs and found that:<\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">All 4 vulnerabilities are trending this month.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">CVE-2021-3493 is a <a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/csws-threat-intelligence-september-05-2022-september-09-2022.html#LINUX%20OS%20under%20Attack%20by%20New%20Malware%20Shikitega\">Linux Kernel vulnerability<\/a> which can be used for privilege escalation as well as remote code execution once the attackers gain initial access.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/csws-threat-intelligence-october-3-2022-october-7-2022.html#Patch%20Urgently:%20FortiGate%20Firewalls%20and%20FortiProxy%20Web%20Proxies%20Affected%20by%20Critical%20Vulnerability\">CVE-2022-40684<\/a> is a Fortinet vulnerability which could potentially allow administration access in vulnerable devices.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/csws-threat-intelligence-october-3-2022-october-7-2022.html#CVE-2022-41352:%20New%20Zero-day%20RCE%20Vulnerability%20in%20Zimbra%20Collaboration%20Suite\">CVE-2022-41352<\/a>, a Zimbra Collaboration (ZCS) vulnerability, allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts.<\/p>\n<\/li>\n<\/ul>\n<h2 dir=\"ltr\">How Far Back Do They Go?<\/h2>\n<p>&nbsp;<\/p>\n<p dir=\"ltr\">Three of these vulnerabilities are new and have 3 exploits. Except for CVE-2021-3493 which was discovered in 2021 has 3 known exploits. These vulnerabilities are also weaponized.<\/p>\n<p><img decoding=\"async\" style=\"width: 550px; height: 440px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-22\/patchwatch-2-3.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\"><\/h2>\n<h2 dir=\"ltr\">Which Vendors Are Affected?<\/h2>\n<p dir=\"ltr\">The Fortinet vulnerability is present in more than 100,000 FortiGate firewalls that are open to the Internet, although it&#8217;s unknown if their management interfaces are also exposed. Apart from it, the rest if the vulnerabilities are also present in multiple popularly used products.<\/p>\n<p><img decoding=\"async\" style=\"width: 550px; height: 366px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-22\/patchwatch-3-3.png\" alt=\"\" \/><\/p>\n<p dir=\"ltr\">Organizations must keep themselves up-to-date with these vendor advisories and upgrade their products as and when new patches are released.<\/p>\n<p>&nbsp;<\/p>\n<h2 dir=\"ltr\">Severity Scores<\/h2>\n<p>&nbsp;<\/p>\n<p dir=\"ltr\">Patching these vulnerabilities is of high priority, as they rank high and\/or critical on the CVSS scoring scale. Exploiting such vulnerabilities will allow attackers to cause maximum damage to their victim networks.<\/p>\n<p><img decoding=\"async\" style=\"width: 550px; height: 417px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-22\/patchwatch-4-3.png\" alt=\"\" \/><\/p>\n<p>&nbsp;<\/p>\n<h2 dir=\"ltr\">Software Weaknesses<\/h2>\n<p>&nbsp;<\/p>\n<p dir=\"ltr\">The following CWEs have caused the vulnerabilities that need to be patched this week.<\/p>\n<p><img decoding=\"async\" style=\"width: 550px; height: 379px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-22\/patchwatch-5-3.png\" alt=\"\" \/><\/p>\n<p>&nbsp;<\/p>\n<p dir=\"ltr\">CVE-2021-3493 does not have any CWE associated with it.<\/p>\n<p>&nbsp;<\/p>\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrUHJ4I6j6Rypbdj?backgroundColor=blue&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\" style=\"text-align: center;\"><strong>Table: DHS CISA KEVs<\/strong><\/p>\n<p dir=\"ltr\"><strong>We urge organizations to implement patches for these CVEs at the earliest. With CSW\u2019s threat-based approach and vulnerability intelligence, security teams can prioritize the threats, including all KEVs, and minimize their attack surface.<\/strong><\/p>\n<p dir=\"ltr\">For the latest news regarding vulnerabilities that are exploited and critical threats, read our blog on <a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/csws-threat-intelligence-october-31-2022-november-4-2022.html\">Weekly Threat Intelligence<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA added around 10 vulnerabilities to the KEV between Oct 20, 2022 and Oct 28, 2022. They are currently being exploited by hackers. CISA recommends that Federal organizations patch these vulnerabilities by the end of this year.\u00a0 In this blog, we have covered the CVEs that need to be patched between 01-11-2022 and 10-11-2022. Let\u2019s [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14436,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_watch\/12146"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/14436"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=12146"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_category?post=12146"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}