Cisa has added a new vulnerability to itsKnown catalog of exploited vulnerabilities (KEV)Based on the evidence of active exploitation.
These types of vulnerabilities are frequent attack vectors for malicious cyber-actors and have significant risks for the federal enterprise.
Although the BOB 22-01 only applies to FCEB agencies, the CISA greatly urges all organizations to reduce their exposure to cyber attacks by prioritizing sanitation timely toKev catalog vulnerabilitiesAs part of their vulnerability management practice. Cisa will continue to add vulnerabilities to the catalog that responds toSpecified criteria.
