CISA Active Exploits – June 2023

by Artie Kaye

The Cybersecurity and Infrastructure Agency (CISA) added a host of new exploits over the last two months which are must patch issues. While these instructions are meant for governmental agencies, it would be prudent to address them if they apply. Below are the CVE numbers, what products are affected, and official links the various companies have provided highlighting the problem or their solutions.

All links will open in a new browser tab or window.

CompanyAffectsPatch or WorkaroundCVE
AppleiOS 15.7.6, iPadOS 15.7.6 CVE-2023-28204 CVE-2023-32373
iOS 16.5 iPadOS 16.5
macOS Ventura 13.4
Safari 16.5
tvOS 16.5
watchOS 9.5
Barracuda NetworksEmail Security Gateway Appliance
Multiple Products
JenkinsJenkins User Interface
LinuxLinux Kernel
CVE-2014-0196 CVE-2010-3904
OracleJava SE, JRockit
ProgressMOVEit Transfer
Red HatPolkit
Ruckus WirelessMultiple Products
SamsungMobile Devices
ZyxelMultiple Products
All links open in new tab or window.