Original release date: June 9, 2022

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.   
 
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.   
 
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria. 

Original release date: June 7, 2022

CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA) to provide information on ways in which People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities in order to establish a broad network of compromised infrastructure across public and private sector organizations. The advisory details PRC state-sponsored targeting and compromise of major telecommunications companies and network service providers. It also provides information on the top vulnerabilities associated with network devices routinely exploited by PRC cyber actors since 2020.

CISA, NSA, and the FBI encourage organizations to review People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices to learn about PRC tactics, techniques, and procedures and to apply the recommended mitigations. 

Original release date: June 7, 2022

Owl Labs has released security updates to address a vulnerability (CVE-2022-31460) in Meeting Owl Pro and Whiteboard Owl. An attacker could exploit this vulnerability to obtain sensitive information. 

CISA encourages users and administrators to review the Owl Labs security advisories for Meeting Owl Pro and Whiteboard Owl and update to Version 5.4.1.4. 

Original release date: June 3, 2022

CISA has released an Industrial Controls Systems Advisory (ICSA) detailing vulnerabilities affecting versions of the Dominion Voting Systems Democracy Suite ImageCast X, which is an in-person voting system used to allow voters to mark their ballot.

Exploitation of these vulnerabilities would require physical access to individual ImageCast X devices, access to the Election Management System (EMS), or the ability to modify files before they are uploaded to ImageCast X devices. Jurisdictions can prevent and/or detect the exploitation of these vulnerabilities by diligently applying the mitigations recommended in ICSA-22-154A, including technical, physical, and operational controls that limit unauthorized access or manipulation of voting systems. Many of these mitigations are already typically standard practice in jurisdictions where these devices are in use and can be enhanced to further guard against exploitation of these vulnerabilities.

While these vulnerabilities present risks that should be mitigated as soon as possible, CISA has no evidence that these vulnerabilities have been exploited in any elections. 

Original release date: June 2, 2022

CISA has added one new vulnerability—CVE-2022-26134—to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow on the of the “Date Added to Catalog” column, which will sort by descending dates.   

There are currently no updates available. Atlassian is working to issue an update. Per BOD 22-01 Catalog of Known Exploited Vulnerabilities, federal agencies are required to immediately block all internet traffic to and from Atlassian’s Confluence Server and Data Center products until an update is available and successfully applied.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.   

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the meet the specified criteria.