Sunday, November 24, 2024
CISA Exploit List

CISA Active Exploit List – January 2022

by Artie Kaye

The US Cybersecurity and Infrastructure Security Agency have added several items to their list of must address exploits. As these are actively being used by attackers in the wild it is recommended to resolve the issues. Below are the companies, CVE numbers, and links to the solutions for said problems. (Links open in a new tab/window.)

CompanyCVEPlatformDetails
AppleCVE-2022-42856Multiplehttps://support.apple.com/en-us/HT213516
CitrixCVE-2022-27518ADC, Gatewayhttps://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/
FortinetCVE-2022-42475FortiOShttps://www.fortiguard.com/psirt/FG-IR-22-398
GoogleCVE-2022-4262Desktophttps://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html
MicrosoftCVE-2022-44698Windows SmartScreenhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44698
TIBCOCVE-2018-18809JasperReports Libraryhttps://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809
CVE-2018-5430JasperReports Serverhttps://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5430
VeeamCVE-2022-26501
CVE-2022-26500
Backup and Replicationhttps://www.veeam.com/kb4288

For a more comprehensive list of all vulnerabilities, visit cisa.gov (Opens in a new tab/window.)