Feed aggregator
CISA Adds Three Known Exploited Vulnerabilities to Catalog
Feb 21, 2023
Original release date: February 21, 2023CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-47986 IBM Aspera Faspex Code Execution Vulnerability CVE-2022-41223 Mitel MiVoice Connect Code Injection Vulnerability CVE-2022-40765 Mitel MiVoice Connect Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column—which will sort by descending dates. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria. This product is provided subject to this Notification and this Privacy & Use policy.
CISA Releases Two Industrial Control Systems Advisories
Feb 21, 2023
Original release date: February 21, 2023CISA released two (2) Industrial Control Systems (ICS) advisories on February 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-052-01 Mitsubishi Electric MELSOFT iQ AppPortal ICSMA-21-187-01 Philips Vue PACS (Update C) This product is provided subject to this Notification and this Privacy & Use policy.
CISA Releases Fifteen Industrial Control Systems Advisories
Feb 16, 2023
Original release date: February 16, 2023CISA released fifteen (15) Industrial Control Systems (ICS) advisories on February 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-047-01 Siemens Solid Edge ICSA-23-047-02 Siemens SCALANCE X-200 IRT ICSA-23-047-03 Siemens Brownfield Connectivity Client ICSA-23-047-04 Siemens Brownfield Connectivity Gateway ICSA-23-047-05 Siemens SiPass integrated AC5102/ACC-G2 and ACC-AP ICSA-23-047-06 Siemens Simcenter Femap ICSA-23-047-07 Siemens TIA Project Server ICSA-23-047-08 Siemens RUGGEDCOM APE1808 ICSA-23-047-09 Siemens SIMATIC Industrial Products ICSA-23-047-10 Siemens COMOS ICSA-23-047-11 Siemens Mendix ICSA-23-047-12 Siemens JT Open, JT Utilities, and Parasolid ICSA-23-047-13 Sub-IoT DASH 7 Alliance Protocol ICSA-22-298-06 Delta Electronic DIAEnergie (Update B) ICSMA-23-047-01 BD Alaris Infusion Central This product is provided subject to this Notification and this Privacy & Use policy.
CISA Adds One Known Exploited Vulnerability to Catalog
Feb 16, 2023
Original release date: February 16, 2023CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria. This product is provided subject to this Notification and this Privacy & Use policy.
Cisco Releases Security Advisories for Multiple Products
Feb 16, 2023
Original release date: February 16, 2023Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the following advisories and apply the necessary updates. ClamAV HFS+ Partition Scanning Buffer Overflow Vulnerability Affecting Cisco Products: February 2023 cisco-sa-clamav-q8DThCy Cisco Nexus Dashboard Denial of Service Vulnerability cisco-sa-ndb-dnsdos-bYscZOsu Cisco Email Security Appliance and Cisco Secure Email and Web Manager Vulnerabilities cisco-sa-esa-sma-privesc-9DVkFpJ8 This product is provided subject to this Notification and this Privacy & Use policy.
Adobe Releases Security Updates for Multiple Products
Feb 14, 2023
Original release date: February 14, 2023Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates. After Effects APSB23-02 Connect APSB23-05 FrameMaker APSB23-06 Bridge APSB23-09 Photoshop APSB23-11 InDesign APSB23-12 Premiere Rush APSB23-14 Animate APSB23-15 Substance 3D Stager APSB23-16 This product is provided subject to this Notification and this Privacy & Use policy.
Mozilla Releases Security Updates for Firefox 110 and Firefox ESR
Feb 14, 2023
Original release date: February 14, 2023Mozilla has released security updates to address vulnerabilities in Firefox 110 and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s security advisories for Firefox 110 and Firefox ESR 102.8 for more information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Citrix Releases Security Updates for Workspace Apps, Virtual Apps and Desktops
Feb 14, 2023
Original release date: February 14, 2023Citrix has released security updates to address high-severity vulnerabilities (CVE-2023-24486, CVE-2023-24484, CVE-2023-24485, and CVE-2023-24483) in Citrix Workspace Apps, Virtual Apps and Desktops. A local user could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix security bulletins CTX477618, CTX477617, and CTX477616 for more information and to apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
CISA Adds Four Known Exploited Vulnerabilities to Catalog
Feb 14, 2023
Original release date: February 14, 2023CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria. This product is provided subject to this Notification and this Privacy & Use policy.
Microsoft Releases February 2023 Security Updates
Feb 14, 2023
Original release date: February 14, 2023Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s February 2023 Security Update Guide and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Apple Releases Security Updates for Multiple Products
Feb 14, 2023
Original release date: February 14, 2023Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible: • Safari 16.3.1 • iOS 16.3.1 and iPadOS 16.3.1 • macOS 13.2.1 This product is provided subject to this Notification and this Privacy & Use policy.
CISA Releases One Industrial Control Systems Advisory
Feb 14, 2023
Original release date: February 14, 2023CISA released one Industrial Control Systems (ICS) advisory on February 14, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-23-045-01 Weintek EasyBuilder Pro cMT Series This product is provided subject to this Notification and this Privacy & Use policy.
CISA Adds Three Known Exploited Vulnerabilities to Catalog
Feb 10, 2023
Original release date: February 10, 2023CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria. This product is provided subject to this Notification and this Privacy & Use policy.
#StopRansomware - Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities
Feb 9, 2023
Original release date: February 9, 2023CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and Republic of Korea’s Defense Security Agency and National Intelligence Service have released a joint Cybersecurity Advisory (CSA), Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities, to provide information on ransomware activity used by North Korean state-sponsored cyber to target various critical infrastructure sectors, especially Healthcare and Public Health (HPH) Sector organizations. The authoring agencies urge network defenders to examine their current cybersecurity posture and apply the recommended mitigations in this joint CSA, which include: Train users to recognize and report phishing attempts. Enable and enforce phishing-resistant multifactor authentication. Install and regularly update antivirus and antimalware software on all hosts. See Ransomware Attacks on Critical Infrastructure Fund DPRK Espionage Activities for ransomware actor’s tactics, techniques, and procedures, indicators of compromise, and recommended mitigations. Additionally, review StopRansomware.gov for more guidance on ransomware protection, detection, and response. For more information on state-sponsored North Korean malicious cyber activity, see CISA’s North Korea Cyber Threat Overview and Advisories webpage. This product is provided subject to this Notification and this Privacy & Use policy.
CISA Releases Six Industrial Control Systems Advisories
Feb 9, 2023
Original release date: February 9, 2023CISA released six Industrial Control Systems (ICS) advisories on February 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-040-01 Control By Web X-400, X-600M ICSA-23-040-02 LS Electric XBC-DN32U ICSA-23-040-03 Johnson Controls System Configuration Tool (CST) ICSA-23-040-04 Horner Automation Cscape Envision RV ICSA-22-179-02 Omron SYSMAC CS-CJ-CP Series and NJ-NX Series (Update A) ICSA-22-354-03 ARC Informatique PcVue (Update A) This product is provided subject to this Notification and this Privacy & Use policy.
OpenSSL Releases Security Advisory
Feb 9, 2023
Original release date: February 9, 2023OpenSSL has released a security advisory to address multiple vulnerabilities affecting OpenSSL versions 3.0.0, 2.2.2, and 1.0.2. An attacker could exploit some of these vulnerabilities to obtain sensitive information. CISA encourages users and administrators to review the OpenSSL advisory and make the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
CISA and FBI Release ESXiArgs Ransomware Recovery Guidance
Feb 8, 2023
Original release date: February 8, 2023Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes the ongoing ransomware campaign known as “ESXiArgs.” Malicious cyber actors may be exploiting known vulnerabilities in unpatched and out-of-service or out-of-date versions of VMware ESXi software to gain access to ESXi servers and deploy ESXiArgs ransomware. The ransomware encrypts configuration files on ESXi servers, potentially rendering virtual machines unusable. As detailed in the advisory, CISA has created and released an ESXiArgs recovery script at https://github.com/cisagov/ESXiArgs-Recover. CISA and FBI encourage organizations that have fallen victim to ESXiArgs ransomware to consider using the script to attempt to recover their files. Additionally, CISA and FBI encourage all organizations to review the advisory and incorporate the recommendations for protecting against ESXiArgs ransomware. This product is provided subject to this Notification and this Privacy & Use policy.
CISA Releases ESXiArgs Ransomware Recovery Script
Feb 7, 2023
Original release date: February 7, 2023CISA has released a recovery script for organizations that have fallen victim to ESXiArgs ransomware. The ESXiArgs ransomware encrypts configuration files on vulnerable ESXi servers, potentially rendering virtual machines (VMs) unusable. CISA recommends organizations impacted by ESXiArgs evaluate the script and guidance provided in the accompanying README file to determine if it is fit for attempting to recover access to files in their environment. Organizations can access the recovery script here: https://github.com/cisagov/ESXiArgs-Recover This product is provided subject to this Notification and this Privacy & Use policy.
CISA Releases One Industrial Control Systems Advisory
Feb 7, 2023
Original release date: February 7, 2023CISA released one Industrial Control Systems (ICS) advisory on February 7, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-23-037-01 EnOcean SmartServer This product is provided subject to this Notification and this Privacy & Use policy.
CISA Releases Six Industrial Control Systems Advisories
Feb 2, 2023
Original release date: February 2, 2023CISA released six Industrial Control Systems (ICS) advisories on February 2, 2023.These advisories provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-033-01 Delta Electronics DIAScreen ICSA-23-033-02 Mitsubishi Electric GOT2000 Series and GT SoftGOT2000 ICSA-23-033-03 Baicells Nova ICSA-23-033-04 Delta Electronics DVW-W02W2-E2 ICSA-23-033-05 Delta Electronics DX-2100-L1-CN ICSA-22-221-01 Mitsubishi Electric Multiple Factory Automation Products (Update D) This product is provided subject to this Notification and this Privacy & Use policy.
