CISA adds 8 Vulnerabilities to Active Bug List…

by

February 1, 2022

Eight actively exploited bugs have been added to the US Cybersecurity & Infrastructure Security Agency’s Known Exploited Vulnerabilities Catalog. The bugs are as follows:

CVE Number CVE Title Required Action Due Date
CVE-2022-22587 Apple IOMobileFrameBuffer Memory Corruption Vulnerability 2/11/2022
CVE-2021-20038 SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability 2/11/2022
CVE-2014-7169 GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability 7/28/2022
CVE-2014-6271 GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability 7/28/2022
CVE-2020-0787 Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability 7/28/2022
CVE-2014-1776 Microsoft Internet Explorer Use-After-Free Vulnerability 7/28/2022
CVE-2020-5722 Grandstream Networks UCM6200 Series SQL Injection Vulnerability 7/28/2022
CVE-2017-5689 Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability 7/28/2022

Not all of them are new but all of them are still problematic. CISA says that all of the vulnerabilities have been actively used in attacks. Some of the vulnerabilities, like CVE-2022-22587, was patched by Apple last week in a security update.

In total there are 351 vulnerabilities on CISA’s list. You can find that here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Don’t forget to follow us on LinkedIn and Twitter

Carl Keyser is the Content Manager at Integris.

Keep reading

Is DeepSeek Safe for My Company’s Systems?

Is DeepSeek Safe for My Company’s Systems?

China’s new DeepSeek AI engine Has Ushered in a New Era of Fast-Turn, Low-Cost AI Tools. But Are the Risks Worth the Rewards for US Companies? Key Takeaways: China's DeepSeek has been hailed as the nimble new competitor to US large language AI models—an alternative...

What Are Best Practices for Managing IT Projects?

What Are Best Practices for Managing IT Projects?

What Are Best Practices for Managing IT Projects? The Quick Take Managing IT projects effectively is crucial for ensuring success and maximizing ROI. Here are the best practices to follow: Define Clear Objectives and Scope: Set specific, measurable, achievable,...

What Is The Future of Managed IT Services?

What Is The Future of Managed IT Services?

What Is the Future of Managed IT Services? The Quick Take: The future of managed IT services for small and medium-sized businesses is bright, with the market expected to grow from $1.735 trillion to $2.173 trillion by 2028. Key trends driving this growth include:...