diff --git a/known_exploited_vulnerabilities.json b/known_exploited_vulnerabilities.json index b9e3926..247086a 100644 --- a/known_exploited_vulnerabilities.json +++ b/known_exploited_vulnerabilities.json @@ -1,7 +1,7 @@ { "title": "CISA Catalog of Known Exploited Vulnerabilities", - "catalogVersion": "2024.11.27", - "dateReleased": "2024-11-27T16:35:36.744Z", + "catalogVersion": "2024.12.02", + "dateReleased": "2024-12-02T14:18:22.1756Z", "count": 1223, "vulnerabilities": [ { @@ -13,7 +13,7 @@ "shortDescription": "Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-12-16", - "knownRansomwareCampaignUse": "Unknown", + "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/support.arraynetworks.net\/prx\/001\/http\/supportportal.arraynetworks.net\/documentation\/FieldNotice\/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-28461", "cwes": [ "CWE-306" @@ -873,7 +873,7 @@ "shortDescription": "SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.", "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "dueDate": "2024-09-30", - "knownRansomwareCampaignUse": "Unknown", + "knownRansomwareCampaignUse": "Known", "notes": "https:\/\/psirt.global.sonicwall.com\/vuln-detail\/SNWLID-2024-0015; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-40766", "cwes": [ "CWE-284"