{"id":8357,"date":"2022-07-01T10:48:06","date_gmt":"2022-07-01T10:48:06","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&p=8357"},"modified":"2023-02-17T13:24:31","modified_gmt":"2023-02-17T20:24:31","slug":"dhs-cisa-kevs-weekly-edition-9-patch-before-you-hit-the-deadline","status":"publish","type":"patch_watch","link":"https:\/\/10.42.32.162\/patch_watch\/dhs-cisa-kevs-weekly-edition-9-patch-before-you-hit-the-deadline\/","title":{"rendered":"DHS CISA KEVs Weekly Edition 9: Patch Before you Hit the Deadline"},"content":{"rendered":"
Following a cyber attack on MITEL VOIP, the CISA added 8 new CVEs too their KEVs list on June 27th 2022. There are now 787 CVEs on the list. They come recommended with a patch-by date and in this blog we will be taking a look at the CVEs with patch due date falling between (June 27 to July 3, 2022).<\/p>\n
We analyzed the CISA Known Exploited Vulnerabilities (KEVs) and found that –<\/p>\n
<\/p>\n
Of the 3 KEVs, 2 vulnerabilities have been around since 2016 and one since 2021.<\/p>\n
<\/p>\n
CVEs with a patch deadline of June 30, 2022 are associated with SAP and in particular, the Netweaver.<\/p>\n
<\/p>\n
The CVSS severity scores vary from medium to critical.<\/p>\n
<\/p>\n
The following CWEs are associated with a number of vulnerabilities that need to be patched this week.<\/p>\n
\n