ISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2022-47986 IBM Aspera Faspex Code Execution Vulnerability
- CVE-2022-41223 Mitel MiVoice Connect Code Injection Vulnerability
- CVE-2022-40765 Mitel MiVoice Connect Command Injection Vulnerability
Source: U.S. Cybersecurity and Infrastructure Security Agency
Related story: CISA Releases Two Industrial Control Systems Advisories