{"id":8363,"date":"2022-06-24T10:54:36","date_gmt":"2022-06-24T10:54:36","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&p=8363"},"modified":"2023-02-17T13:24:17","modified_gmt":"2023-02-17T20:24:17","slug":"dhs-cisa-kevs-weekly-edition-8-patch-before-you-hit-the-deadline","status":"publish","type":"patch_watch","link":"https:\/\/10.42.32.162\/patch_watch\/dhs-cisa-kevs-weekly-edition-8-patch-before-you-hit-the-deadline\/","title":{"rendered":"DHS CISA KEVs Weekly Edition 8: Patch Before you Hit the Deadline"},"content":{"rendered":"

This is the 8th edition of our patch watch blogs. We bring this to you so you can be aware of the vulnerabilities you need to patch in that week. These are recommended by the\u00a0 US Cybersecurity and Infrastructure Security Agency (CISA)\u00a0 and this week, (June 20 to June 26, 2022) 36 vulnerabilities need to be patched.<\/p>\n

The federal agencies are required to meet this deadline and ensure that the patches are deployed and their systems protected against malicious attacks.<\/p>\n

We analysed the CISA Known Exploited Vulnerabilities (KEVs) and found that –<\/p>\n

\"\"<\/p>\n

How Far Back Do They Go?<\/h2>\n

Of the 36 KEVs, 35 CVEs are old vulnerabilities dating from 2006 to 2021, with a patch deadline of June 22, 2022.<\/p>\n

\"\"<\/p>\n

Which Vendors Are Affected?<\/h2>\n

CVEs with a patch deadline of June 22, 2022 are associated with 7 prominent vendors such as Google, Microsoft, CISCO, etc. Here\u2019s the entire list of vendors:<\/p>\n

\"\"<\/p>\n

Severity Scores<\/h2>\n

All the vulnerabilities lie in either the high or critical range and need to be patched without delay.<\/p>\n

\"\"<\/p>\n

Software Weaknesses<\/h2>\n

The following CWEs are associated with a number of vulnerabilities that need to be patched this week.<\/p>\n

\"\"<\/p>\n