CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

CVE-2023-35078 Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending dates.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Source link

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Releases Seven Industrial Control Systems Advisories

CISA Adds Three Known Exploited Vulnerabilities to Catalog

ControlbyWeb Relay | CISA

CISA Releases Seven Industrial Control Systems Advisories

Contemporary Controls BASC 20T | CISA

GPL Odorizers GPL750 | CISA

CISA Adds One Known Exploited Vulnerability to Catalog

Cybersecurity Resilience Specialist – Governance Risk and Compliance

Principal Cybersecurity – Cloud Security Strategy

Cybersecurity Engineer

Cybersecurity Engineer Principal

Cybersecurity Analyst III, Patch Management

Cybersecurity Engineering Support