CISA has created a catalog called “Known Exploited Vulnerabilities Catalog,” in which more than 15 major flaws have been highlighted
CISA from the US has recently revealed that hackers are misusing the vulnerabilities coming from top companies in the technology space. Some of the biggest names in the list are Oracle, Apple, Microsoft, and Apache, among others. CISA, in its statement, has made it clear that these types of vulnerabilities are frequently being leveraged by cybercriminals of all types and have caused serious damages to federal enterprises. CISA has created a catalog called “Known Exploited Vulnerabilities Catalog,” in which more than 15 major flaws have been highlighted. Most of the well-known vulnerabilities were made public between the years 2014 to 2020.
These mentioned vulnerabilities affect Jenkins, ActiveMQ, WebLogic by Oracle, Windows, MS Office, Apple’s OS system, and D-Link routers. Microsoft vulnerability CVE-2021-36934 was one of the latest known defects that were previously fixed by the tech giant Microsoft in 2021. The Microsoft vulnerability CVE-2021-36934 was also added to the list. CVEs are publicly disclosed by the company, and when the issue was made public in July, Microsoft had released various mitigations and workarounds. CISA has stated that every federal agency must now patch all their systems against actively exploited vulnerabilities. The catalog acts as a list of known CVEs that can potentially harm federal enterprises.