CISA Known Exploited Vulnerability Catalog January 2023

Threat Digests

CISA Known Exploited Vulnerability Catalog January 2023

For a detailed CISA’s KEV Catalog, download the pdf file here

Summary

For a detailed CISA’s KEV Catalogdownload the pdf file here

The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: have a Common Vulnerabilities and Exposures (CVE) ID, reliable evidence of active exploitation, and a clear remediation action such as a vendor-provided update. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce the likelihood of compromise by threat actors. In January 2023, five vulnerabilities met the criteria for inclusion in the CISA’s KEV catalog.