[CISA-2023:0330] CISA Adds 9 Known Exploited Vulnerabilities to Catalog
CISA has added 9 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
[CVE-2013-3163] Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website.
- Action: The impacted product is end-of-life and should be disconnected if still in use.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Microsoft
- Product: Internet Explorer
- Due Date: Thu Apr 20 00:00:00 2023
- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-055; https://nvd.nist.gov/vuln/detail/CVE-2013-3163
[CVE-2017-7494] Samba Remote Code Execution Vulnerability
Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.
- Action: Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Known
- Vendor: Samba
- Product: Samba
- Due Date: Thu Apr 20 00:00:00 2023
- Notes: https://www.samba.org/samba/security/CVE-2017-7494.html; https://nvd.nist.gov/vuln/detail/CVE-2017-7494
[CVE-2021-30900] Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.
- Action: Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Apple
- Product: iOS, iPadOS, and macOS
- Due Date: Thu Apr 20 00:00:00 2023
- Notes: https://support.apple.com/en-us/HT21286, https://support.apple.com/en-us/HT212868, https://support.apple.com/kb/HT212872; https://nvd.nist.gov/vuln/detail/CVE-2021-30900
[CVE-2022-22706] Arm Mali GPU Kernel Driver Unspecified Vulnerability
Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages.
- Action: Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Arm
- Product: Mali Graphics Processing Unit (GPU)
- Due Date: Thu Apr 20 00:00:00 2023
- Notes: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities; https://nvd.nist.gov/vuln/detail/CVE-2022-22706
[CVE-2022-3038] Google Chromium Network Service Use-After-Free Vulnerability
Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
- Action: Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Google
- Product: Chromium Network Service
- Due Date: Thu Apr 20 00:00:00 2023
- Notes: https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html; https://nvd.nist.gov/vuln/detail/CVE-2022-3038
[CVE-2022-38181] Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.
- Action: Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Arm
- Product: Mali Graphics Processing Unit (GPU)
- Due Date: Thu Apr 20 00:00:00 2023
- Notes: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities; https://nvd.nist.gov/vuln/detail/CVE-2022-38181
[CVE-2022-39197] Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability
Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.
- Action: Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Fortra
- Product: Cobalt Strike
- Due Date: Thu Apr 20 00:00:00 2023
- Notes: https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-1/; https://nvd.nist.gov/vuln/detail/CVE-2022-39197
[CVE-2022-42948] Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability
Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote code execution.
- Action: Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Fortra
- Product: Cobalt Strike
- Due Date: Thu Apr 20 00:00:00 2023
- Notes: https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-2/; https://nvd.nist.gov/vuln/detail/CVE-2022-42948
[CVE-2023-0266] Linux Kernel Use-After-Free Vulnerability
Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user.
- Action: Apply updates per vendor instructions.
- Known To Be Used in Ransomware Campaigns?: Unknown
- Vendor: Linux
- Product: Kernel
- Due Date: Thu Apr 20 00:00:00 2023
- Notes: https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4; https://nvd.nist.gov/vuln/detail/CVE-2023-0266
- ID: CISA-2023:0330
- Severity: critical
- Severity from: CVE-2017-7494
- URL: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- Published: 2023-03-30T00:00:00
- Modified: 2023-03-30T00:00:00
Other Advisories:
- ALAS-2017-834
- ALPINE:CVE-2017-7494
- ALPINE:CVE-2022-3038
- ALSA-2023:1470
- ALSA-2023:1566
- ASA-201705-22
- CISCO-SA-20170530-SAMBA
- DSA-3860-1
- DSA-5223-1
- DSA-5324-1
- ELSA-2017-1270
- ELSA-2017-1271
- ELSA-2017-1272
- ELSA-2023-12196
- ELSA-2023-1470
- ELSA-2023-1566
- FEDORA-2017-570c0071c4
- FEDORA-2017-642a0eca75
- FEDORA-2017-c729c6123c
- FEDORA-2022-3ca063941b
- FEDORA-2022-3f28aa88cf
- FEDORA-2022-b49c9bc07a
- FREEBSD:6F4D96C0-4062-11E7-B291-B499BAEBFEAF
- FREEBSD:F2043FF6-2916-11ED-A1EF-3065EC8FD3EC
- GLSA-201805-07
- GLSA-202209-23
- MS:CVE-2022-3038
- MS:CVE-2023-0266
- RHSA-2017:1270
- RHSA-2017:1271
- RHSA-2023:1469
- RHSA-2023:1470
- RHSA-2023:1471
- RHSA-2023:1566
- RHSA-2023:1584
- RHSA-2023:1659
- RLSA-2023:1470
- RLSA-2023:1566
- SSA:2017-144-01
- SSA:2023-048-01
- SUSE-SU-2017:1391-1
- SUSE-SU-2017:1392-1
- SUSE-SU-2017:1393-1
- SUSE-SU-2017:1396-1
- SUSE-SU-2023:0152-1
- SUSE-SU-2023:0394-1
- SUSE-SU-2023:0406-1
- SUSE-SU-2023:0433-1
- SUSE-SU-2023:0485-1
- SUSE-SU-2023:0488-1
- SUSE-SU-2023:0618-1
- SUSE-SU-2023:0634-1
- SUSE-SU-2023:0779-1
- SUSE-SU-2023:1576-1
- SUSE-SU-2023:1591-1
- SUSE-SU-2023:1592-1
- SUSE-SU-2023:1595-1
- SUSE-SU-2023:1602-1
- SUSE-SU-2023:1619-1
- SUSE-SU-2023:1639-1
- SUSE-SU-2023:1640-1
- SUSE-SU-2023:1647-1
- SUSE-SU-2023:1649-1
- SUSE-SU-2023:1653-1
- SUSE-SU-2023:1708-1
- USN-3296-1
- USN-3296-2
- USN-5915-1
- USN-5917-1
- USN-5924-1
- USN-5927-1
- USN-5934-1
- USN-5939-1
- USN-5940-1
- USN-5951-1
- USN-5970-1
- USN-5975-1
- USN-5979-1
- USN-5981-1
- USN-5982-1
- USN-5984-1
- USN-5987-1
- USN-5991-1
- USN-6000-1
- USN-6004-1
- USN-6009-1
- USN-6030-1