May 31: CSW Patch Watch & Security Updates

Highlights of Patch Watch Issue 14

Weaponized Vulnerabilities

We have 11 vulnerabilities with known exploits. Here are our findings:

  • 7 CVEs are RCE bugs.

  • 2 CVEs linked to Webapps.

  • 7 CVEs are rated critical and 1 is of medium severity.

Click here for our analysis and download patches.

Old Vulnerabilities

245 old vulnerabilities have been fixed, ranging from the year 2015 to 2020.

  • 4 CVEs have known exploits with RCE and webapp.

  • 39 CVEs are rated high and 108 are of high severity.

Click here for our analysis and download patches.

Notably, 52% of vulnerabilities are older weaknesses, and RCE flaws continue to be the major source of attack vectors that result in increasing cyber incidents and data breaches.

CISA Alerts

CISA has issued an alert for two vulnerabilities that have a high severity rating. Based on Common Weakness Enumeration (CWE) analysis, CVE-2021-1531 is categorized under CWE-74 (Improper Neutralization of Input During Web Page Generation), and CVE-2020-7774 as CWE-20 (Improper Input Validation), which falls under the Top 3 dangerous Software Weaknesses 2020.

Click here for our analysis and download patches.

Table: Security Patches

We know that security teams are inundated with more patches than they can handle, but attackers need only one vulnerability to bring down an organization or halt a supply chain.

CSW's Patch Watch helps organizations and their overworked security teams patch the most critical vulnerabilities and improve their security posture. Get on our mailing list for more information about emerging threats.

Protect your organization with Attack Surface Management as a Service. Talk to us.

 
