The Cybersecurity and Infrastructure Security Agency (CISA) has added 95 vulnerabilities to its Known Exploited Vulnerabilities Catalog based on evidence that they are being actively exploited in the wild.
The batch spans products from many vendors, including Apache Tomcat, Cisco's Small Business RV routers, Microsoft, Exim, Adobe and Oracle.
Apache Tomcat “Ghostcat”
In February 2020, security researchers disclosed a serious vulnerability in Apache Tomcat, CVE-2020-1938, dubbed "Ghostcat". It lives in Tomcat's AJP connector (port 8009 by default), which treated attributes in an incoming AJP request as trusted; a remote attacker who could reach that port could read any file under a web application's directory, such as configuration files and source code, or have the server include such a file.
The file-inclusion path is what turns this into code execution: if the application also lets users upload files, an attacker can upload a file containing JSP code and then use Ghostcat to have Tomcat include and execute it. Tomcat 7.0.100, 8.5.51 and 9.0.31 fixed the issue, and those releases also disable the AJP connector by default, bind it to loopback and require a shared secret.
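As a practical check for the exposure described above, the following script is an added example (not code from the original article or from the Tomcat project). It audits a Tomcat server.xml for AJP connectors that are reachable from other hosts or run without a shared secret, the two conditions that made Ghostcat exploitable. Both server.xml fragments are constructed samples: the first mirrors the pre-fix shipped default, the second the hardened form.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the pre-9.0.31 shipped default, which exposes AJP on
# all interfaces with no shared secret (the Ghostcat exposure).
VULNERABLE_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
  </Service>
</Server>
"""

# Constructed sample: AJP bound to loopback and requiring a shared secret,
# matching the defaults introduced with the fixed Tomcat releases.
HARDENED_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
               secretRequired="true" secret="replace-with-a-long-random-value"
               redirectPort="8443" />
  </Service>
</Server>
"""

LOOPBACK_ADDRESSES = {"127.0.0.1", "::1", "localhost"}


def audit_ajp_connectors(server_xml: str) -> list:
    """Return one finding per AJP connector that other hosts could reach
    without a shared secret. An empty list means nothing was flagged."""
    findings = []
    root = ET.fromstring(server_xml.encode("utf-8"))
    for conn in root.iter("Connector"):
        protocol = conn.get("protocol", "HTTP/1.1")
        # Matches "AJP/1.3" as well as class names such as
        # org.apache.coyote.ajp.AjpNioProtocol.
        if "ajp" not in protocol.lower():
            continue
        port = conn.get("port", "8009")
        # Before the fix an absent address meant "listen on all interfaces",
        # so treat a missing attribute as exposed.
        address = conn.get("address", "")
        # Fixed releases default secretRequired to true; only an explicit
        # "false" disables it, but the connector still needs a secret value.
        secret_required = conn.get("secretRequired", "true").lower() != "false"
        secret = conn.get("secret", "")

        problems = []
        if address not in LOOPBACK_ADDRESSES:
            problems.append("listens on a non-loopback address")
        if not secret_required or not secret:
            problems.append("no shared secret enforced")
        if problems:
            findings.append(f"AJP connector on port {port}: " + "; ".join(problems))
    return findings


if __name__ == "__main__":
    for label, xml_text in (("vulnerable", VULNERABLE_SERVER_XML),
                            ("hardened", HARDENED_SERVER_XML)):
        print(f"{label}: {audit_ajp_connectors(xml_text) or 'no findings'}")
```

A connector that has been commented out is not parsed at all, so an empty result together with no AJP connector in the file means AJP is disabled, which is the simplest fix when nothing in front of Tomcat (such as mod_jk or mod_proxy_ajp) actually uses it.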
Cisco Small Business RV routers
In early February 2022, Cisco warned that "it is aware that proof-of-concept exploit code is available" for several Small Business RV router vulnerabilities, including CVE-2022-20699, CVE-2022-20700, CVE-2022-20701, CVE-2022-20703 and CVE-2022-20708.
For several of these Critical vulnerabilities (some rated CVSS 10.0), Cisco warned that "a successful exploit could allow the attacker to execute code with root privileges on the affected device."
Many other Cisco networking product vulnerabilities were also added, including flaws in IOS, IOS XR and IOS XE Software.
Exim
In September 2019, researchers disclosed Exim vulnerabilities that could allow attackers to execute code remotely and compromise Exim mail servers.
At that time, researchers from Tenable published analysis describing how an attacker could exploit CVE-2019-16928, a heap-based buffer overflow triggered by an overly long EHLO string, to take control of the affected system; Exim 4.92 through 4.92.2 were affected and 4.92.3 fixed the issue.
In May 2020, the National Security Agency (NSA) warned that the Russian cyber actors known as "Sandworm" were exploiting another Exim issue, CVE-2019-10149, a remote command execution flaw in the Mail Transfer Agent (MTA). The attacks had been ongoing since at least August 2019. CISA had already added this Exim vulnerability to the Catalog in January of this year.