Download Ransomware Index Update Q1 2022

DHS CISA KEVs Weekly Edition 6: Patch Before you Hit the Deadline

Posted on Jun 10, 2022 | By Pavithra Shankar

On June 8, 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) has added 36 new vulnerabilities, bringing the total number of exploited bugs to 777. 

This blog lists all of the DHS CISA KEVs that need to be patched this week (June 1 to June 12, 2022).

The federal agencies are expected to patch 14 known exploited vulnerabilities in the DHS CISA catalog this week in time for the June 1 to June 12, 2022 deadline. Based on our analysis of these  KEVs, we found that -

How Far Back Do They Go?

Of the 14 KEVs, 11 CVEs are old vulnerabilities dating from 2010 to 2021, with a patch deadline of June 1 to June 12, 2022. 

Which Vendors Are Affected?

These 14 CVEs that have a patch deadline of June 1 to June 12, 2022, affect 13 vendors such as Apache, Atlassian, RedHat, Vmware, and Linux.

Severity Scores

Software Weaknesses

10 out of the 14 KEVs with a patch due date between June 1 to June 12, 2022 fall under the Top 40 Most Dangerous Software Weaknesses and OWASP Top 10:2021.

Table: DHS CISA KEVs

Understand the Immediate Priorities

CISA encourages organizations to reduce their exposure to cyberattacks by patching the vulnerabilities on the Known Exploited Vulnerability Catalog in a timely manner as part of their vulnerability management practices.

 

To know more about our CISA known exploited vulnerabilities catalog analysis and vulnerabilities to be patched in June Month. Click here

Never miss a patch or an update with CSW’s Patch Watch Newsletter. Subscribe now!

Test your defense to know how secure you are…