[CDP-development] CISA - Known Exploited Vulnerabilities Catalog Additions

MASSE, THERESA theresa.masse at cisa.dhs.gov
Wed Nov 17 14:59:56 PST 2021 

FYSA

CISA has updated the known exploited vulnerabilities catalog<https://www.cisa.gov/known-exploited-vulnerabilities-catalog> based on reliable evidence that threat actors are actively using these vulnerabilities to exploit public or private organizations.

The catalog update reflects the following additions:

CVE Number
CVE Title
CVE-2021-22204<https://nvd.nist.gov/vuln/detail/CVE-2021-22204>
Exiftool Remote Code Execution vulnerability
CVE-2021-40449<https://nvd.nist.gov/vuln/detail/CVE-2021-40449>
Microsoft Win32k Elevation of Privilege
CVE-2021-42292<https://nvd.nist.gov/vuln/detail/CVE-2021-42292>
Microsoft Excel Security Feature Bypass
CVE-2021-42321<https://nvd.nist.gov/vuln/detail/CVE-2021-42321>
Microsoft Exchange Server Remote Code Execution

Please see these helpful links below:
Sign up for automated alerts anytime a vulnerability is added.<https://www.cisa.gov/known-exploited-vulnerabilities>
Read the full text of the BOD including the frequently asked questions section for additional information.<https://cyber.dhs.gov/bod/22-01/>
BOD 22-01 Fact Sheet<https://www.cisa.gov/sites/default/files/publications/Reducing_the_Significant_Risk_of_Known_Exploited_Vulnerabilities_211103.pdf>


Please contact CISA (via the reporting portal<https://us-cert.cisa.gov/report> or by phone at 1-888-282-0870) to report an intrusion or to request either technical assistance or additional resources for incident response.

Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

[cid:image001.png at 01D7DBC3.65B5D500]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211117/4d7f8322/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16152 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20211117/4d7f8322/attachment-0001.png>

More information about the CDP-development mailing list