Why Should Schools Prioritize Cybersecurity?

DHS CISA KEVs Weekly Edition 12: Patch Before you Hit the Deadline

Posted on Jul 27, 2022 | By Supriya Aluri

This week, CISA has recommended that patches should be applied for six vulnerabilities by July 28, 2022. All these CVEs are trending now, with one CVE having ransomware associations. Let us look at all the CVEs that need to be patched this week.

 

How Far Back Do They Go?

Three of the six KEVs were discovered in 2014 and classified as critical CVEs. 

Which Vendors Are Affected?

Three prominent vendor products are affected by the vulnerabilities that need to be patched by July 28, 2022.

Severity Scores

Patching these vulnerabilities is of high priority, as most of them rank critical on the CVSS.

Software Weaknesses

The following CWEs have caused the six vulnerabilities that need to be patched this week.


 

Table: DHS CISA KEVs

CVE-2014-6271 is involved in 29 known exploits. Since hackers favor this considerably, the federal government has decreed that it must be prioritized and patched urgently. Similarly, several CVEs on the KEV list have been involved in many exploits. Organizations must be on the lookout for them and remediate them when patches are made available.

Keep watching this space for updates on CVE patch deadlines

Subscribe to our blogs and let us decode the CISA KEV for you.

Test your defense to know how secure you are…