The US Cybersecurity and Infrastructure Security Agency (CISA) has identified 75 security vulnerabilities that pose a significant risk to its list of flaws that should be patched immediately. All of the vulnerabilities are known to be actively exploited, heightening the risk of an attack. For organizations, there are risks of attack exposure from the vulnerabilities as well. The CISA has warned the federal civilian executive branch (FCEB) agencies that they must patch the flaws on the list by the middle of June.
The listing is called the Known Exploited Vulnerabilities Catalog and was started on may 23 when 21 actively exploited security flaws were added to the listing, On May 24 and 25, there were additions of 20 and 34 flaws respectively. The vulnerabilities range in date of initial disclosure, impacted products, and applications, however, they are all related through the fact that the CISA has identified active exploitation by cyberattackers. The CISA urges organizations to sift through the Catalog vulnerabilities and apply patches when necessary as part of vulnerability management practice.
Read More: U.S. Cybersecurity Agency ‘Strongly Urges’ You Patch These 75 Actively Exploited Flaws
