![\"\"](\"http:\/\/webdev.securin.xyz\/wp-content\/uploads\/2023\/03\/securin-patchwatch_28_image1-1024x697.png\")
<\/p>\nIn this blog we will be taking a look at the CVEs that need to be patched by March 10, 2023. Let\u2019s look at the analysis of all the vulnerabilities below:<\/p>\n
<\/p>\n
<\/p>\n
<\/p>\n
From our analysis, we found that<\/p>\n
All 8 vulnerabilities are weaponized and have been exploited in the wild.<\/p>\n<\/li>\n
CVE-2023-23376<\/a>,\u00a0CVE-2023-21823<\/a>, and\u00a0CVE-2023-21715<\/a>\u00a0are Microsoft vulnerabilities that can be exploited to gain privilege escalation. All three vulnerabilities have publicly exposed exploit concepts.<\/p>\n<\/li>\n CVE-2023-23529<\/a>\u00a0is Apple\u2019s type confusion issue that can be exploited for arbitrary code execution by getting the targeted user to access a malicious website. It is actively being exploited now.<\/p>\n<\/li>\n CVE-2022-46169<\/a>\u00a0is a critical command injection flaw found in the Cacti monitoring solution. It allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. Since an exploit for it was published, attackers have been actively exploiting this vulnerability in Cacti. CVE-2022-46169 was patched in December 2023.<\/p>\n<\/li>\n CVE-2023-0669<\/a>\u00a0is the much exploited Fortra GoAnywhere MFT Remote Code Execution Vulnerability. Clop ransomware has breached more than 130 organizations by exploiting this vulnerability.<\/p>\n<\/li>\n
![\"\"](\"http:\/\/webdev.securin.xyz\/wp-content\/uploads\/2023\/03\/securin-patchwatch_28_image2-1024x833.png\")
<\/p>\n![\"\"](\"http:\/\/webdev.securin.xyz\/wp-content\/uploads\/2023\/03\/securin-patchwatch_28_image3-1024x702.png\")
<\/p>\n![\"\"](\"http:\/\/webdev.securin.xyz\/wp-content\/uploads\/2023\/03\/securin-patchwatch_28_image4-1024x870.png\")
<\/p>\n![\"\"](\"http:\/\/webdev.securin.xyz\/wp-content\/uploads\/2023\/03\/securin-patchwatch_28_image5-1024x837.png\")
<\/p>\n