The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of shortcomings is as follows – CVE-2022-47986 (CVSS score: 9.8) – IBM Aspera Faspex Code Execution Vulnerability
CVE-2022-41223 (CVSS score: 6.8) – Mitel MiVoice Connect Code Injection