• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • Latest News
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

CISA Adds 95 New Bugs To Database Of Known Exploited Vulnerabilities

Some security bugs recently added to CISA's catalog of known exploited vulnerabilities are more than a decade old.

March 4, 2022 Zachary Comeau Leave a Comment

CISA
Tada Images/ Stock.adobe.com

There are 95 new known exploited vulnerabilities that IT and security professionals should immediately investigate and mitigate, including several that date back at least a decade, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

The agency added the vulnerabilities to its catalog of known exploited vulnerabilities based on evidence of exploitation in the wild. The security bugs added this week are frequent attack vectors for threat actors and post significant risk to not only government networks, but the private sector as well.

With the new additions, CISA’s catalog now includes 478 vulnerabilities that have been exploited in the wild.

The newly added vulnerabilities include newly discovered bugs in Cisco Small Business RV Series routers and other switches, Cisco’s IOS software, Microsoft Excel, Exchange Server, Adobe Flash Player, Linux Kernel and many others.

All of CISA’s new known exploited vulnerabilities added are currently patchable by following vendor instructions, according to CISA’s database.

While most of the bugs recently added are relatively new, many are older, with some dating back nearly 20 years, including Windows privilege Escalation vulnerabilities from 2002 and 2004. According to CISA’s full list, there are 23 known exploited vulnerabilities that are at least a decade old.

The bugs range in severity, but many are rated as high or critical, so organizations should make sure their systems are patched, especially for the older vulnerabilities listed.

Government agencies are required to patch the majority of the newly listed vulnerabilities by March 24, but there is a shorter deadline of March 17 for 27 of the bugs, eight of which come with CVSS score of at least 9.8, so they should be prioritized.

Those bugs with a shorter deadline include the Cisco Small Business RV series vulnerabilities, Microsoft Windows Installer, Apache Tomacat, Treck TCP/IP stack, Exim, Microsoft Excel, Microsoft Exchange Server, ChakraCore scripting engine, Cisco IOS software and Cisco Catalyst 4500 and 45000-X series switches.

Click here for CISA’s full list of known exploited vulnerabilities. 

Tagged With: Cybersecurity, Vulnerability Management

Related Content:

  • Microsoft Basic Auth Prepare: Microsoft Begins Disabling Basic Auth in Exchange…
  • Zoom Phone Provider Exchange Zoom Launches New Phone Provider Exchange Program
  • Google G Suite, Workspace Google Workspace Getting Two New Security Features
  • Sharp NEC PE456USL Sharp NEC Display Solutions Launches New Short-throw Projector

Free downloadable guide you may like:

  • Uber Advanced Technologies Group Drives its Business Forward

    The guiding principle for the new Uber meeting room redesign was “invisible comfort” to ensure that everyone could maximize productivity.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Uber Advanced Technologies Group Drives its Business Forward

The guiding principle for the new Uber meeting room redesign was “invisible comfort” to ensure that everyone could maximize productivity.

Windows 11
Blueprint Series: Upgrading to Windows 11

Upgrading end users to Windows 11 could be one of the most challenging tasks IT has to face in the coming years. Although the new version is touted...

The State of the IT Department in 2022

The role of the IT professional has shifted from one that supports the business to one that is deserving of a seat at the table when it comes to ma...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2022 Emerald X, LLC. All rights reserved.