CISA Details Known Exploited Vulnerabilities Considerations Catalog

CISA Details Known Exploited Vulnerabilities

CISA publishes a catalog of Known Exploited Vulnerabilities (KEVs): CVE-identified flaws for which CISA has reliable evidence of exploitation in the wild. The catalog is deliberately far smaller than the full CVE list, because a vulnerability is added only when there is evidence that attackers are actually using it. Listed below are a few examples of the risks such entries present and the remediation each requires; they can help you prioritize your patching efforts.

CISA's Known Exploited Vulnerabilities Catalog lists each vulnerability with its CVE ID, the affected vendor and product, a short description, the required action, and a due date by which federal civilian executive branch agencies must remediate it under Binding Operational Directive (BOD) 22-01. The catalog does not assess your exposure for you: to decide whether an entry puts your organization at risk, you match the listed vendor and product against your own asset inventory. The list is updated regularly and is published on the CISA website both as a web page and as machine-readable JSON and CSV feeds.

The catalog covers only vulnerabilities that are being actively exploited. It is not ranked by severity or by volume of exploitation; every entry is treated as a priority, and the due date is the ordering signal. Under BOD 22-01, federal civilian agencies are required to remediate catalog entries by their due dates, and CISA strongly recommends that state, local, tribal, and territorial governments and private organizations do the same as part of their vulnerability management programs.

The newest additions to the catalog include a Cisco IOS XR flaw in which an open port exposes an internal Redis instance to unauthenticated access; Android Linux kernel flaws that were used only in limited attacks targeting Android devices; and a Windows elevation-of-privilege vulnerability, added last week, that the Conti ransomware gang used in attacks on corporate networks.


The Cybersecurity and Infrastructure Security Agency (CISA) has clarified its criteria for adding entries to the Known Exploited Vulnerabilities (KEV) catalog: the vulnerability must have an assigned CVE ID, there must be reliable evidence of active exploitation, and there must be a clear remediation action such as a vendor update. Besides the CVE identifier, each entry records the required action (the patch, mitigation, or workaround) and its due date. Issues are added to the catalog within 24 hours of CISA receiving proof of exploitation.

Another difference between the KEV catalog and the NVD is how severity is expressed. A CVSS base score describes the intrinsic characteristics of a flaw (attack vector, complexity, privileges required, impact) and says nothing about whether anyone is exploiting it. KEV inclusion is based solely on observed exploitation, which makes it a more direct signal of real-world risk than the CVSS rating alone. For example, a vulnerability scored only medium by CVSS may be under active attack because it gives an attacker a foothold on sensitive data, while a critical-scored flaw may never be exploited at all.
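One way to apply this prioritization in practice, as an added example that is not CISA's code or part of the original article: index the KEV feed by CVE ID, match it against a scanner export, and sort findings so that KEV status and due date come before the CVSS score. The JSON field names follow the public KEV feed; the catalog entries, CVE IDs (year 1900 cannot be a real CVE), host names, scores and dates are constructed placeholders, and the scanner row format is an assumption.

```python
"""Triage scanner findings against the CISA KEV catalog.

Added example, not CISA's code: KEV membership and due date are the
primary sort keys and the CVSS base score only breaks ties, which is the
ordering the article argues for. Field names follow the public KEV JSON
feed; the entries, CVE IDs and scanner rows below are constructed.
"""
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed. The year-1900
# CVE IDs cannot be real and describe no actual vulnerability.
SAMPLE_KEV_FEED = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "2022.05.25",
    "dateReleased": "2022-05-25T00:00:00.0000Z",
    "count": 3,
    "vulnerabilities": [
        {"cveID": "CVE-1900-0001", "vendorProject": "ExampleNet", "product": "EdgeRouter",
         "vulnerabilityName": "ExampleNet EdgeRouter Open Port Vulnerability",
         "dateAdded": "2022-05-04",
         "shortDescription": "An open management port allows unauthenticated access.",
         "requiredAction": "Apply updates per vendor instructions.",
         "dueDate": "2022-05-25", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
        {"cveID": "CVE-1900-0002", "vendorProject": "ExampleSoft", "product": "Portal",
         "vulnerabilityName": "ExampleSoft Portal Path Traversal Vulnerability",
         "dateAdded": "2022-05-24",
         "shortDescription": "Path traversal allows reading arbitrary files.",
         "requiredAction": "Apply updates per vendor instructions.",
         "dueDate": "2022-06-14", "knownRansomwareCampaignUse": "Known", "notes": ""},
        {"cveID": "CVE-1900-0003", "vendorProject": "ExampleVPN", "product": "Gateway",
         "vulnerabilityName": "ExampleVPN Gateway Privilege Escalation Vulnerability",
         "dateAdded": "2022-05-11",
         "shortDescription": "A local user can gain root privileges.",
         "requiredAction": "Apply updates per vendor instructions.",
         "dueDate": "2022-06-01", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
    ],
})

# Constructed scanner export (assumed format): one row per host/CVE pair
# with its CVSS v3 base score.
SAMPLE_FINDINGS = [
    {"host": "web-01", "cveID": "CVE-1900-0002", "cvss": 6.5},  # in KEV, due later
    {"host": "web-01", "cveID": "CVE-1900-0009", "cvss": 9.8},  # critical, not in KEV
    {"host": "db-02",  "cveID": "CVE-1900-0001", "cvss": 5.3},  # in KEV, already past due
    {"host": "db-02",  "cveID": "CVE-1900-0008", "cvss": 7.5},  # not in KEV
    {"host": "vpn-01", "cveID": "CVE-1900-0003", "cvss": 8.1},  # in KEV, due soon
]


def load_kev(feed_json):
    """Index the feed by CVE ID so each finding is a dictionary lookup."""
    feed = json.loads(feed_json)
    return {entry["cveID"]: entry for entry in feed["vulnerabilities"]}


def triage(findings, kev_by_cve, today_iso):
    """Order findings: overdue KEV entries first, then pending KEV entries by
    due date, then everything else by CVSS. Exploitation status always
    outranks the CVSS score."""
    today = date.fromisoformat(today_iso)
    rows = []
    for finding in findings:
        entry = kev_by_cve.get(finding["cveID"])
        if entry is None:
            tier, due, days_left, action = 2, None, None, None
        else:
            due = date.fromisoformat(entry["dueDate"])
            days_left = (due - today).days
            tier = 0 if days_left < 0 else 1
            action = entry["requiredAction"]
        rows.append({**finding, "in_kev": entry is not None, "tier": tier,
                     "due": due, "days_left": days_left, "required_action": action})
    rows.sort(key=lambda r: (r["tier"], r["due"] or date.max, -r["cvss"]))
    return rows


def overdue_cves(findings, kev_by_cve, today_iso):
    """CVE IDs already past their KEV due date (what BOD 22-01 reporting asks for)."""
    return sorted({r["cveID"] for r in triage(findings, kev_by_cve, today_iso) if r["tier"] == 0})


if __name__ == "__main__":
    kev = load_kev(SAMPLE_KEV_FEED)
    for row in triage(SAMPLE_FINDINGS, kev, "2022-05-27"):
        flag = "OVERDUE" if row["tier"] == 0 else ("KEV" if row["tier"] == 1 else "non-KEV")
        print(f'{flag:8} {row["host"]:7} {row["cveID"]} cvss={row["cvss"]} due={row["due"]}')
```

Note that the CVSS 9.8 finding lands below every KEV entry, including the 5.3-scored one that is already past its due date: that is the point of the catalog. Against the real feed you would replace SAMPLE_KEV_FEED with the downloaded JSON and SAMPLE_FINDINGS with your scanner's export.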

CISA continues to update its list of Known Exploited Vulnerabilities (KEVs) as it identifies new ones. The CISA Insights publications are intended for organizational leadership and the owners of critical infrastructure. CISA encourages all affected organizations to review the catalog against their assets and update vulnerable software immediately; where an update cannot be applied, apply the vendor's recommended mitigations or workarounds.
