Sunday, November 24, 2024
CISA Exploit List

CISA Active Exploit List – March Update

by Artie Kaye

The US Cybersecurity and Infrastructure Security Agency have added several items to their list of must-address exploits. As these are actively used by attackers in the wild, it is recommended to resolve the issues as soon as possible. Below are the companies, CVE numbers, and links to solutions for said problems. All links open in a new tab or window.

    Company                  CVE                        Platform                                                                  Details                                                        
AppleCVE-2023-23529iOS 16.3.1
macOS Ventura 13.2.1
Safari 16.3
https://support.apple.com/en-us/HT213635
https://support.apple.com/en-us/HT213633
https://support.apple.com/en-us/HT213638
CactiCVE-2022-46169Cactihttps://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf
FortraCVE-2023-0669GoAnywhere MFThttps://my.goanywhere.com/webclient/DownloadProductFiles.xhtml
(Requires a user account to gain access to patch)
IBMCVE-2022-47986Aspera Faspexhttps://exchange.xforce.ibmcloud.com/vulnerabilities/243512
IntelCVE-2015-2291Ethernet Diagnostics Driver for Windowshttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html
MicrosoftCVE-2023-21823
CVE-2023-23376
Windowshttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21823
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23376
CVE-2023-21715Officehttps://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21715
MitelCVE-2022-40765
CVE-2022-41223
MiVoice Connecthttps://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0008
TerraMasterCVE-2022-24990TerraMaster OShttps://forum.terra-master.com/en/viewtopic.php?t=3030
ZK FrameworkCVE-2022-36537AuUploaderhttps://tracker.zkoss.org/browse/ZK-5150

For a more comprehensive list of all vulnerabilities, visit cisa.gov (Opens in a new tab/window.)