CISA Adds Sophos, Oracle, and Microsoft Flaws to Known Exploited Vulnerabilities Catalog

In a recent development, the United States Cybersecurity and Infrastructure Security Agency (CISA) has added product flaws from leading cybersecurity firms Sophos, Oracle, and Microsoft to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities have been identified as potential entry points for cybercriminals, highlighting the importance of promptly addressing them to mitigate the risk of exploitation.

Exploited Flaw: Sophos CVE-2023-1671

One of the flaws listed by CISA is the critical Sophos Web Appliance vulnerability, identified as CVE-2023-1671. This vulnerability allows an unauthenticated attacker to execute arbitrary code, posing a significant threat to affected systems. Sophos had issued patches for this flaw in April, raising awareness among customers that the impacted appliance would reach its end of life on July 20, 2023. Disturbingly, some of the cyberattacks linked to CVE-2023-1671 have been attributed to a Chinese APT group, specifically targeting government and other organizations in South Asia. These attacks underscore the urgent need for organizations to address this vulnerability to prevent unauthorized access to their systems.

Exploited Flaw: Oracle CVE-2020-2551

CISA has also identified CVE-2020-2551, an Oracle WebLogic Server vulnerability, as actively exploited by cybercriminals. This flaw enables unauthenticated attackers to gain control over affected servers. The inclusion of this vulnerability in the CVE catalog serves as a wake-up call for Oracle users to apply patches and secure their systems against potential exploitation.

Exploited Flaw: Windows CVE-2023-36584

CISA’s KEV catalog also includes CVE-2023-36584, a flaw that allows attackers to bypass the Mark of the Web (MotW) security feature in Windows. The MotW feature acts as a safeguard against running potentially harmful files from the internet, making the vulnerability particularly concerning. It is worth noting that while Palo Alto Networks disclosed the flaw, it does not explicitly state whether CVE-2023-36584 has been exploited. Additionally, Microsoft’s advisory released on October 10 clarified that no exploitation of this vulnerability had been observed. Nevertheless, it is crucial to remain cautious and address potential security loopholes to maintain robust defenses.

Update from Sophos

In response to the inclusion of CVE-2023-1671 in the CVE catalog, Sophos has released a statement emphasizing their proactive approach. They revealed that over six months ago, on April 4, 2023, they had already issued an automatic patch to all Sophos Web Appliances. This swift action demonstrates the company’s commitment to enhancing their customers’ security posture and minimizing the risk of exploitation stemming from known vulnerabilities.

The addition of these flaws to CISA’s KEV catalog serves as a stark reminder of the ever-present threat cybercriminals pose to organizations. It highlights the importance of promptly addressing and remedying identified vulnerabilities to prevent unauthorized access, data breaches, or other malicious activities. With cyber threats becoming increasingly sophisticated, it is crucial for organizations to adopt a proactive approach by staying abreast of best practices, promptly applying software patches, and maintaining up-to-date security measures. By mitigating the risk of exploited vulnerabilities, organizations can fortify their defenses and safeguard sensitive data and critical systems from cyber threats.

Explore more

Can a Unified ERP System Future-Proof Levi Strauss?

Establishing a seamless digital environment for a brand that spans over a hundred nations is a monumental undertaking that requires more than just standard software updates. Currently, Levi Strauss & Co. is navigating a profound transformation of its digital infrastructure, aiming for a mid-2027 completion of a fully integrated global enterprise resource planning system. This strategic overhaul is not merely

Ethereum Faces $10 Billion Liquidation Risk Near $2,000

The current trajectory of Ethereum suggests a massive collision between aggressive retail speculation and sophisticated institutional sell-side pressure as the asset hovers near the $2,000 psychological threshold. This specific price point has historically served as a pivot for broader market sentiment, influencing the behavior of various decentralized finance protocols and secondary layer-two scaling solutions. Currently, the market exhibits a state

ClickLock Malware Coerces macOS Users to Surrender Passwords

Traditional macOS security architectures have long been celebrated for their robust sandboxing and gated execution, yet a new strain of malware is proving that the human element remains the most vulnerable entry point in any digital ecosystem. This threat, known as ClickLock, has emerged as a particularly aggressive evolution in the macOS threat landscape by prioritizing psychological pressure and social

Stalled Windows 11 Migration Poses Growing Security Risks

The global landscape of enterprise computing is currently grappling with a persistent digital divide as a significant segment of users continues to rely on Windows 10 despite the availability of more secure alternatives. The current ecosystem of digital infrastructure remains tethered to legacy architecture, with recent telemetry indicating that approximately one in six workstations worldwide continues to operate on Windows

How Is OpenAI Redefining AI With Precision Engineering?

The shift from experimental conversationalists to precise engineering tools has fundamentally altered the landscape of digital productivity and high-performance computing in 2026. This transition is marked by a move away from the early excitement surrounding generative models toward a rigorous framework centered on deep optimization and granular control. OpenAI has spearheaded this movement with the introduction of the GPT-5.6 Sol