www.cisa.gov
Open in
urlscan Pro
2a02:26f0:3500:891::447a
Public Scan
Submitted URL: https://us-cert.cisa.gov/ncas/current-activity/2023/02/16/cisa-adds-one-known-exploited-vulnerability-catalog
Effective URL: https://www.cisa.gov/uscert/ncas/current-activity/2023/02/16/cisa-adds-one-known-exploited-vulnerability-catalog
Submission: On February 16 via api from US — Scanned from DE
Effective URL: https://www.cisa.gov/uscert/ncas/current-activity/2023/02/16/cisa-adds-one-known-exploited-vulnerability-catalog
Submission: On February 16 via api from US — Scanned from DE
Form analysis 1 forms found in the DOM
https://public.govdelivery.com/accounts/USDHSCISA/subscribers/qualify
<form action="https://public.govdelivery.com/accounts/USDHSCISA/subscribers/qualify"><label class="visually-hidden" for="email-address-field">Enter your email address</label> <input class="signup-form" id="email-address-field" name="email"
placeholder=" Enter your email address" title="Enter your email address" type="text"><br><input class="btn btn-primary" name="submit" title="Sign up for alerts" type="submit" value="Sign Up"> </form>Text Content
Skip to main content An official website of the United States government Here's how you know Official websites use .gov A .gov website belongs to an official government organization in the United States. Secure .gov websites use HTTPS A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites. CISA.gov Services Report -------------------------------------------------------------------------------- Toggle navigation CISA.gov Services Report CERTMAIN MENU * Alerts and Tips * Resources * Industrial Control Systems -------------------------------------------------------------------------------- 1. National Cyber Awareness System > 2. Current Activity > 3. CISA Adds One Known Exploited Vulnerability to Catalog CISA ADDS ONE KNOWN EXPLOITED VULNERABILITY TO CATALOG Original release date: February 16, 2023 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria. This product is provided subject to this Notification and this Privacy & Use policy. Please share your thoughts. We recently updated our anonymous product survey; we'd welcome your feedback. LATEST ALERTS * #StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities Thursday, February 9, 2023 * ESXiArgs Ransomware Virtual Machine Recovery Guidance Wednesday, February 8, 2023 * Protecting Against Malicious Use of Remote Monitoring and Management Software Wednesday, January 25, 2023 More Alerts » RECENT VULNERABILITIES * VU#794340: OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly Wednesday, February 15, 2023 at 4:00 PM * VU#434994: Multiple race conditions due to TOCTOU flaws in various UEFI Implementations Wednesday, January 25, 2023 at 4:42 PM * VU#572615: Vulnerabilities in TP-Link routers, WR710N-V1-151022 and Archer C5 V2 Monday, January 23, 2023 at 9:26 AM * VU#986018: New Netcomm router models NF20MESH, NF20, and NL1902 vulnerabilities Tuesday, January 17, 2023 at 12:29 PM * VU#730793: Heimdal Kerberos vulnerable to remotely triggered NULL pointer dereference Thursday, January 12, 2023 at 11:59 AM More Vulnerability Notes » CONTACT US (888)282-0870 Send us email Download PGP/GPG keys Submit website feedback SUBSCRIBE TO ALERTS Receive security alerts, tips, and other updates. Enter your email address HSIN Report -------------------------------------------------------------------------------- Home Site Map FAQ Contact Us Traffic Light Protocol PCII Accountability Disclaimer Privacy Policy FOIA No Fear Act AccessibilityPlain WritingPlug-ins Inspector General The White House USA.gov CISA is part of the Department of Homeland Security