all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CISA Adds CVE-2022-41080 and CVE-2023-21674 to the Known Exploited Vulnerabilities Catalog

Add to bookmarks
Jan. 17, 2023, 5:22 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware that the Cybersecurity & Infrastructure Security Agency (CISA) added CVE-2022-41080 (Microsoft Exchange Server Elevation of Privilege Vulnerability) and CVE-2023-21674 (Microsoft Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability) to their Known Exploited Vulnerabilities catalog on January 10, 2023. The catalog list vulnerabilities that are being actively exploited in the wild and require federal agencies to apply patches by the due date.Why is this Significant?This is significant because CVE-2022-41080 (Microsoft Exchange Server Elevation of Privilege …

actively exploited advanced agency alpc amp aware call catalog cisa cve cve-2022-41080 cve-2023-21674 cybersecurity exchange exchange server exploited federal federal agencies infrastructure infrastructure security january known exploited vulnerabilities known exploited vulnerabilities catalog labs list local microsoft microsoft exchange microsoft exchange server microsoft windows patches privilege procedure security server vulnerabilities vulnerability windows

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 19 hours ago | fortiguard.fortinet.com
attackers attacks cisa cisa known exploited vulnerabilities +27
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 2 days, 20 hours ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 2 days, 21 hours ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 1 week, 4 days ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 3 weeks, 2 days ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 4 weeks, 2 days ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 1 month ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 1 month ago | fortiguard.fortinet.com
attack cyber entities espionage +15
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month, 1 week ago | fortiguard.fortinet.com
attacker authentication authentication bypass bypass +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Principal Security Analyst - Threat Labs (Position located in India) (Remote)

@ KnowBe4, Inc. | Kochi, India
View on infosec-jobs.com

Cyber Security - Cloud Security and Security Architecture - Manager - Multiple Positions - 1500860

@ EY | Dallas, TX, US, 75219
View on infosec-jobs.com

Enterprise Security Architect (Intermediate)

@ Federal Reserve System | Remote - Virginia
View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com

Vulnerability Management Team Lead - North Central region (Remote)

@ GuidePoint Security LLC | Remote in the United States
View on infosec-jobs.com
View more jobs