CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

Original release date: November 10, 2022

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to include an additional Malware Analysis Report containing new indicators of compromise.

CISA encourages organizations to review the latest update to AA22-228A and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Releases Twenty Industrial Control Systems Advisories

Original release date: November 10, 2022

CISA has released twenty (20) Industrial Control Systems (ICS) advisories on November 10, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

ICSA-22-314-01 Siemens Parasolid
ICSA-22-314-02 Siemens Missing Web Server Login Page of Industrial Controllers
ICSA-22-314-03 Siemens SINEC Network Management System Logback Component
ICSA-22-314-04 Siemens SINUMERIK ONE and SINUMERIK MC
ICSA-22-314-05 Siemens RUGGEDCOM ROS
ICSA-22-314-06 Siemens QMS Automotive
ICSA-22-314-07 Omron NJ/NX-series Machine Automation Controllers
ICSA-22-314-08 Omron NJ/NX-series
ICSA-22-314-09 Siemens Teamcenter Visualization and JT2Go
ICSA-22-314-10 Siemens SCALANCE W1750D
ICSA-22-314-11 Siemens SICAM Q100
ICSA-21-350-06 Siemens CAPITAL VSTAR (Update A)
ICSA-22-286-15 Siemens SCALANCE X-200 and X-200IRT Families (Update A)
ICSA-22-258-03 Siemens RUGGEDCOM ROS (Update A)
ICSA-22-228-02 LS ELEC PLC and XG5000 (Update A)
ICSA-22-298-06 Delta Electronic DIAEnergie (Update A)
ICSA-22-258-04 Siemens Mendix SAML Module (Update A)
ICSA-22-286-11 Siemens SCALANCE and RUGGEDCOM Products (Update A)
ICSA-21-350-13 Siemens Questa and ModelSim (Update A)
ICSA-22-069-01 Siemens RUGGEDCOM Devices (Update C)

Cisco Releases Security Updates for Multiple Products

Original release date: November 10, 2022

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following advisories and apply the necessary updates:

•    Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Client Denial of Service Vulnerability cisco-sa-ssl-client-dos-cCrQPkA 
•    Cisco Secure Firewall 3100 Series Secure Boot Bypass Vulnerability cisco-sa-fw3100-secure-boot-5M8mUh26
•    Cisco Firepower Threat Defense Software Generic Routing Encapsulation Denial of Service Vulnerability cisco-sa-ftd-gre-dos-hmedHQPM
•    Cisco FirePOWER Software for ASA FirePOWER Module, Firepower Management Center Software, and NGIPS Software SNMP Default Credential Vulnerability cisco-sa-fmcsfr-snmp-access-6gqgtJ4S
•    Cisco Firepower Management Center and Firepower Threat Defense Software SSH Denial of Service Vulnerability cisco-sa-fmc-dos-OwEunWJN
•    Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability cisco-sa-asaftd-snmp-dos-qsqBNM6x
•    Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability cisco-sa-asa-ftd-dap-dos-GhYZBxDU

CISA Releases SSVC Methodology to Prioritize Vulnerabilities

Original release date: November 10, 2022

Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts to safety, and prevalence of the affected product in a singular system.

As stated in Executive Assistant Director (EAD) Eric Goldstein’s blog post Transforming the Vulnerability Management Landscape, implementing a methodology, such as SSVC, is a critical step to advancing the vulnerability management ecosystem. Additionally, the blog details advances—including CISA’s Known Exploited Vulnerabilities (KEV) catalog, Common Security Advisory Framework (CSAF) machine-readable security advisories, and the Vulnerability Exploitability eXchange (VEX)—that, used in conjunction with SSVC, will reduce the window cyber threat actors have to exploit networks.

CISA encourages organizations to read EAD Goldstein’s blog post and to use the following resources on the SSVC webpage to strengthen their vulnerability management processes:

CISA’s SSVC decision tree
SSVC Guide on using SSVC and the SSVC decision tree
SSVC Calculator for prioritizing vulnerability responses in an organization’s respective environment