Communications of the ACM
CISA Adds Google, Microsoft and QNAP Bugs to Exploited Vulnerabilities List
Google’s CVE-2021-39793 – patched in March – affects Pixel devices and patches address an out-of-bounds write vulnerability “due to a logic error in the code that could lead to local escalation of privilege.”
Credit: CISA
The U.S. federal Cybersecurity and Infrastructure Security Agency (CISA) added eight vulnerabilities to its catalog of exploited bugs on Monday, with each given a remediation date of May 2.
All of the issues have patches or updates available except for CVE-2021-27852 – a deserialization of untrusted data vulnerability affecting Checkbox, a digital survey tool. Versions 7 and later of Checkbox Survey are not considered vulnerable to the issue but Version 6 and earlier are end-of-life and must be removed from agency networks, according to CISA.
From The Record
View Full Article
No entries found