Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kyaw_Myo_Oo
Contributor II
‎10-14-2023 01:08 PM
‎10-14-2023 01:08 PM

CISA Adds Five Vulnerabilities to KEV

Dear All,

 

On Tuesday, October 10, the US Cybersecurity and Infrastructure Security Agency (CISA) added five vulnerabilities to its Known Exploited Vulnerabilities (KEV) database, including a use-after-free vulnerability in Adobe Acrobat and Reader; a patch has been available for the flaw since January 2023. The other recently-added KEV entries are an out-of-bounds write vulnerability in Cisco IOS and IOS XE; the two zero-days that Microsoft addressed in this week’s Patch Tuesday; and a rapid reset attack vulnerability in HTTP/2.

Known Exploited Vulnerabilities Catalog | CISA

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | CCSE | CISSP | PMP
Labels
Reply
2 Replies
Early_Adopter
Community Champion
‎10-15-2023 07:31 AM
‎10-15-2023 07:31 AM

Gotta get it all patched - if you have year old CVEs in your components even if you check say “naw, that’s alright!” - it’s probably the tip of the iceberg… you will be owned eventually.
Reply
Kyaw_Myo_Oo
Contributor II
‎10-21-2023 01:43 AM
‎10-21-2023 01:43 AM

Thanks for sharing your thoughts and views. @Early_Adopter 

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | CCSE | CISSP | PMP
Reply