CISA Known Exploited Vulnerability Catalog March 2023

For a detailed CISA’s KEV Catalog, download the pdf file here

Summary

For a detailed CISA’s KEV Catalog, download the pdf file here

The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: have a Common Vulnerabilities and Exposures (CVE) ID, reliable evidence of active exploitation, and a clear remediation action such as a vendor-provided update. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce the likelihood of compromise by threat actors. In March 2023, nineteen vulnerabilities met the criteria for inclusion in the CISA’s KEV catalog.

Note: The term “Zerobot” in this advisory refers to a specific type of malware, and is not related with the organization zerobot.ai