The Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, affecting products from Apple (2), Microsoft (2), SAP, Google Chrome, and Palo Alto Networks.
An attacker could exploit these vulnerabilities to take control of impacted systems.
Apple CVE exploits
Two recently patched Apple zero-day vulnerabilities, both listed as ‘Apple iOS and macOS Out-of-Bounds Write’ (CVE-2022-32893 and CVE-2022-32894), were added to the exploited vulnerability catalog on August 18.
“Apple is aware of a report that this issue may have been actively exploited,” Apple warned in the advisory.
The WebKit flaw CVE-2022-32893 could lead to arbitrary code execution when maliciously crafted web content is processed. WebKit is Apple’s HTML rendering software and is part of Apple’s browser engine.
The second zero-day, the Kernel vulnerability CVE-2022-32894, could allow a malicious application to execute arbitrary code with kernel privileges. An attacker would likely first need to compromise the victim’s device via the previously mentioned WebKit flaw.
Microsoft CVE exploits
Moreover, two Microsoft vulnerabilities were added to the Exploit Catalog:
- CVE-2022-26923: Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
- CVE-2022-21971: Microsoft Windows Runtime Remote Code Execution Vulnerability
Microsoft patched CVE-2022-26923 as part of May’s software updates.
Microsoft stated in the advisory that CVE-2022-26923 is also “more likely” to be exploited and further clarified that “an authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege.”
CVE-2022-21971 was also patched back in February of this year.
Finally, CISA added three other CVEs to the Exploit Catalog:
- CVE-2022-22536: SAP Multiple Products HTTP Request Smuggling Vulnerability.
- CVE-2022-2856: Google Chrome Intents Insufficient Input Validation Vulnerability.
- CVE-2017-15944: Palo Alto Networks PAN-OS Remote Code Execution Vulnerability.
Readers can check out the full CISA Known Exploited Vulnerabilities Catalog for a complete list of the most recently added exploited vulnerabilities as of August 18, 2022.