CISA Known Exploited Vulnerabilities January, 2024 Update


by Artie Kaye

Your monthly update of high severity flaws which are actively being exploited. If you are using any of the programs or devices listed below it is advised to take the recommended steps to address the problem. Wyo Support News may have reported on some of these vulnerabilities in the past. Below are the items added through the month of December, 2023. (As always, links to external sites will open in new tabs or windows.)

CompanyCVEPlatformDetails
AppleCVE-2023-42916
CVE-2023-42917
Multiple Productshttps://support.apple.com/en-us/HT214031
https://support.apple.com/en-us/HT214032
https://support.apple.com/en-us/HT214033
FXCCVE-2023-49897AE1021, AE1021PEhttps://www.fxc.jp/news/20231206 (Requires translation)
QlikCVE-2023-41265
CVE-2023-41266
Sensehttps://community.qlik.com/t5/Official-Support-Articles/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows/ta-p/2110801
QNAPCVE-2023-47565VioStor NVRhttps://www.qnap.com/en/security-advisory/qsa-23-48
QualcommCVE-2022-22071
CVE-2023-33063
CVE-2023-33106
CVE-2023-33107
Multiple Chipsetshttps://git.codelinaro.org/clo/la/kernel/msm-5.4/-/commit/586840fde350d7b8563df9889c8ce397e2c20dda
https://git.codelinaro.org/clo/la/kernel/msm-5.15/-/commit/2643808ddbedfaabbb334741873fb2857f78188a
https://git.codelinaro.org/clo/la/kernel/msm-4.14/-/commit/d43222efda5a01c9804d74a541e3c1be9b7fe110
https://git.codelinaro.org/clo/la/kernel/msm-4.19/-/commit/1e46e81dbeb69aafd5842ce779f07e617680fd58
https://git.codelinaro.org/clo/la/kernel/msm-4.19/-/commit/d66b799c804083ea5226cfffac6d6c4e7ad4968b
UnitronicsCVE-2023-6448Vision PLC and HMIhttps://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf