There are 778 vulnerabilities in the US Cybersecurity and Infrastructure Security Agency (CISA) list with 4 of them added recently. Among these vulnerabilities, 75 of them need to be patched this week (June 13 to June 17, 2022).
The federal agencies are required to meet this deadline and ensure that the patches are deployed and their systems protected against malicious attacks.
We analysed the CISA Known Exploited Vulnerabilities (KEVs) and found that –
How Far Back Do They Go?
Of the 75 KEVs, 74 CVEs are old vulnerabilities dating from 2010 to 2021, with a patch deadline of June 13, 2022 to June 19, 2022.
Which Vendors Are Affected?
There are 15 vendors that are affected by the CVEs having a patch deadline of June 13 to June 19, 2022. They are listed below:
Severity Scores
39 of these vulnerabilities have a very high CVSS score and need to be patched immediately.
Software Weaknesses
Table: DHS CISA KEVs
Most of the CVEs that require patching are trending in the cyber realm, meaning that these are actively being scoped out and exploited by attackers. Therefore, it is essential that public and private organizations dedicate resources to identify and patch these vulnerabilities as soon as possible.
To know more about our CISA known exploited vulnerabilities catalog analysis and vulnerabilities to be patched in June Month. Click here