CISA adds five known exploited vulnerabilities to catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation:
CVE-2017-7921 Hikvision Multiple Products Improper Authentication Vulnerability, CVE-2021-22681 Rockwell Multiple Products Insufficient Protected Credentials Vulnerability, CVE-2021-30952 Apple Multiple Products Integer Overflow or Wraparound Vulnerability, CVE-2023-41974 Apple iOS and iPadOS Use-After-Free Vulnerability, CVE-2023-43000 Apple Multiple products Use-After-Free Vulnerability.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.