CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2023-4966 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
- CVE-2021-1435 Cisco IOS XE Web UI Command Injection Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending dates.
Read the original article: