The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen security issues to their catalog of vulnerabilities. CISA’s warning is meant to inform system administrators and ensure they prioritize installing security updates. Organizations that don’t protect their networks with the newest security updates are making themselves easy targets to threat actors and ransomware groups. The flaws are a mix of old and new, ranging from 2014 to 2021. CISA also provided a patch deadline in the alert. The most recent one, CVE-2021-36934, is a Microsoft Windows SAM (Security Accounts Manager) vulnerability that allows anyone to access the Registry database files on Windows 10 and 11 and obtain passwords and administrator privileges. CISA’s list of known exploited vulnerabilities has now reached 367 security vulnerabilities. The list serves as a reminder that organizations need to find solutions for no longer supported hardware that is connected to sensitive parts of their network.
Analyst Notes
As stated in the CISA alert: “Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats.”
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the meet the specified criteria.
https://www.bleepingcomputer.com/news/security/cisa-urges-orgs-to-patch-actively-exploited-windows-serioussam-bug/
https://www.cisa.gov/uscert/ncas/current-activity/2022/02/10/cisa-adds-15-known-exploited-vulnerabilities-catalog
