{"id":12149,"date":"2022-12-24T06:05:27","date_gmt":"2022-12-24T13:05:27","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=12149"},"modified":"2023-02-17T13:32:52","modified_gmt":"2023-02-17T20:32:52","slug":"dhs-cisa-kevs-weekly-edition-25-patch-before-you-hit-the-deadline","status":"publish","type":"patch_watch","link":"https:\/\/10.42.32.162\/patch_watch\/dhs-cisa-kevs-weekly-edition-25-patch-before-you-hit-the-deadline\/","title":{"rendered":"DHS CISA KEVs Weekly Edition 25: Patch Before You Hit the Deadline"},"content":{"rendered":"<p dir=\"ltr\">This is the last patch watch blog for 2022 and the U.S. Cybersecurity &amp; Infrastructure Security Agency (CISA) has prioritized 3 vulnerabilities to be patched by the end of this year. However, CISA continues to <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/current-activity\/2022\/12\/13\/cisa-adds-five-known-exploited-vulnerabilities-catalog\">add more vulnerabilities<\/a> to the KEV catalog that are currently being targeted by threat actors. In addition to this, CISA also runs a <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-335a\">#StopRansomware campaign<\/a> to alert organizations of the latest ransomware threats.<\/p>\n<h2 dir=\"ltr\">Why are these CVEs important?<\/h2>\n<p dir=\"ltr\">From our analysis, we found:<\/p>\n<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 750px; height: 410px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-25\/patchwatch-1-1.png\" alt=\"\" \/><\/p>\n<ul>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\">All 3 vulnerabilities are weaponized and have publicly exposed exploits.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-35587\">CVE-2021-35587<\/a> is a critical Oracle Fusion Middleware Access Manager that allows an unauthenticated attacker with network access via HTTP to take over the Access Manager product.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-4135\">CVE-2022-4135<\/a> allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge. This is the 8th zero day vulnerability that Chrome patched this year.<\/p>\n<\/li>\n<li dir=\"ltr\" aria-level=\"1\">\n<p dir=\"ltr\" role=\"presentation\"><a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/csws-threat-intelligence-december-5-2022-december-9-2022.html#Internet%20Explorer%200-day%20Exploited%20by%20North%20Korean%20Actor%20APT37%20AKA%20ScarCruft\">CVE-2022-4262<\/a>, is another Chromium browser zero-day vulnerability that allows remote attackers to exploit heap (memory) corruption via a crafted HTML page.<\/p>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2 dir=\"ltr\">How Far Back Do They Go?<\/h2>\n<p>The Chrome vulnerabilities discovered this year pose a risk to all Chrome users and not just enterprises. It is best if all Chrome users updated their browsers to the latest version.<\/p>\n<p><img decoding=\"async\" style=\"width: 550px; height: 392px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-25\/patchwatch-2-1.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\">Which Vendors Are Affected?<\/h2>\n<p dir=\"ltr\">Chrome has patched 9 zero-day vulnerabilities in this year, apart from other flaws. Two of these vulnerabilities are recommended to be patched by 26-12-2022.<\/p>\n<p><img decoding=\"async\" style=\"width: 550px; height: 367px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-25\/patchwatch-3-1.png\" alt=\"\" \/><\/p>\n<h2 dir=\"ltr\">Severity Scores<\/h2>\n<p>These vulnerabilities are ranked high and critical on the CVSS scale. These vulnerabilities impact 7 affected products in total and are widely used.<\/p>\n<p><img decoding=\"async\" style=\"width: 550px; height: 417px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-25\/patchwatch-5.png\" alt=\"\" \/><\/p>\n<p>&nbsp;<\/p>\n<h2 dir=\"ltr\">Software Weaknesses<\/h2>\n<p><img decoding=\"async\" style=\"width: 550px; height: 477px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/patch-watch\/cisa\/dhs-25\/patchwatch-4-1.png\" alt=\"\" \/><\/p>\n<p>&nbsp;<\/p>\n<p dir=\"ltr\">CVE-2021-35587 does not have any CWE attached to it<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrf5oHO5WAVa2bsy?backgroundColor=blue&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\" style=\"text-align: center;\"><strong>Table: DHS CISA KEVs<\/strong><\/p>\n<p dir=\"ltr\"><strong>We urge organizations to implement patches for these CVEs at the earliest. With CSW\u2019s threat-based approach and vulnerability intelligence, security teams can prioritize the threats, including all KEVs, and minimize their attack surface.<\/strong><\/p>\n<p dir=\"ltr\">For the latest news regarding vulnerabilities that are exploited and critical threats, read our blog on <a href=\"https:\/\/cybersecurityworks.com\/blog\/cyber-risk\/csws-threat-intelligence-december-5-2022-december-9-2022.html\">Weekly Threat Intelligence<\/a>.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is the last patch watch blog for 2022 and the U.S. Cybersecurity &amp; Infrastructure Security Agency (CISA) has prioritized 3 vulnerabilities to be patched by the end of this year. However, CISA continues to add more vulnerabilities to the KEV catalog that are currently being targeted by threat actors. In addition to this, CISA [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14436,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_watch\/12149"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/14436"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=12149"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/patch_category?post=12149"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}