The US Cybersecurity and Infrastructure Security Agency (CISA) added both a newly discovered flaw and a much older one to its catalog of Known Exploited Vulnerabilities (KEV).
The KEV catalog gives Federal Civilian Executive Branch (FCEB) agencies a list of vulnerabilities that are known to be exploited in the wild, along with deadlines for when they must be patched. In both of these cases, the due date is January 28, 2026. But CISA alerts are not just for government agencies. They also provide guidance to businesses and end users about which vulnerabilities should be patched first, based on real-world exploitation.
Read more…
Source: Malwarebytes Labds
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump
March 20, 2017
Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...

