Download Ransomware Index Update Q1 2022

DHS CISA KEVs Weekly Edition 7: Patch Before you Hit the Deadline

Posted on Jun 17, 2022 | By Supriya Aluri

There are 778 vulnerabilities in the US Cybersecurity and Infrastructure Security Agency (CISA) list with 4 of them added recently. Among these vulnerabilities, 75 of them need to be patched this week (June 13 to June 17, 2022). 

The federal agencies are required to meet this deadline and ensure that the patches are deployed and their systems protected against malicious attacks.

We analysed the CISA Known Exploited Vulnerabilities (KEVs) and found that -

 

How Far Back Do They Go?

Of the 75 KEVs, 74 CVEs are old vulnerabilities dating from 2010 to 2021, with a patch deadline of June 13, 2022 to June 19, 2022. 

 

Which Vendors Are Affected?

There are 15 vendors that are affected by the CVEs having a patch deadline of June 13 to June 19, 2022. They are listed below:


 

Severity Scores

39 of these vulnerabilities have a very high CVSS score and need to be patched immediately.

 

 

Software Weaknesses

 


 

                                                                      Table: DHS CISA KEVs

Most of the CVEs that require patching are trending in the cyber realm, meaning that these are actively being scoped out and exploited by attackers. Therefore, it is essential that public and private organizations dedicate resources to identify and patch these vulnerabilities as soon as possible. 

 

To know more about our CISA known exploited vulnerabilities catalog analysis and vulnerabilities to be patched in June Month. Click here

 

 

Subscribe to our blogs and let us decode the CISA KEV for you.

Test your defense to know how secure you are…