by Artie Kaye
The US Cybersecurity and Infrastructure Security Agency have added several items to their list of must address exploits. As these are actively being used by attackers in the wild it is recommended to resolve the issues. Below are the companies, CVE numbers, and links to the solutions for said problems. (Links open in a new browse tab/window.)
| Company | CVE | Platform | Details |
|---|---|---|---|
| Apple | CVE-2022-42856 | Multiple | https://support.apple.com/en-us/HT213516 |
| Citrix | CVE-2022-27518 | ADC, Gateway | https://www.citrix.com/blogs/2022/12/13/critical-security-update-now-available-for-citrix-adc-citrix-gateway/ |
| Fortinet | CVE-2022-42475 | FortiOS | https://www.fortiguard.com/psirt/FG-IR-22-398 |
| CVE-2022-4262 | Desktop | https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html | |
| Microsoft | CVE-2022-44698 | Windows SmartScreen | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44698 |
| TIBCO | CVE-2018-18809 | JasperReports Library | https://www.tibco.com/support/advisories/2019/03/tibco-security-advisory-march-6-2019-tibco-jasperreports-library-2018-18809 |
| CVE-2018-5430 | JasperReports Server | https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5430 | |
| Veeam | CVE-2022-26501 CVE-2022-26500 | Backup and Replication | https://www.veeam.com/kb4288 |