CISA added 0-day CVE-2022-44698 to its list of known exploited vulnerabilities

CVE-2022-44698

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch their systems against an actively exploited Windows vulnerability that enables attackers to bypass security features to cause an impact on integrity and availability.

CISA is also recommending that Federal Civilian Executive Branch (FCEB) agencies patch all systems against the vulnerabilities by January 1, 2023, to reduce their exposure to potential cyberattacks.

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. “These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose a significant risk to the federal enterprise,” the cybersecurity agency said.

Tracked as CVE-2022-44698 (CVSS score: 5.4), the flaw lies in the Windows SmartScreen component and could allow a remote attacker to bypass security restrictions.

“An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging,” Microsoft wrote.

CVE-2022-44698 affects systems running Windows 10 Version 1607, Version 22H2, and Version 21H2, and Windows Server 2016 without the December 2022 Patch Tuesday updates.
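Because Protected View and SmartScreen decide based on the MOTW tag, a useful defensive check is to audit which downloaded files actually carry one. The PowerShell below is an added example, not code from the article or from Microsoft; it reads the NTFS `Zone.Identifier` alternate data stream that stores MOTW, and the default folder path and output layout are assumptions.

```powershell
# Added example: audit Mark of the Web (MOTW) tags on files in a folder.
# MOTW lives in the "Zone.Identifier" alternate data stream. ZoneId=3 (Internet)
# and ZoneId=4 (Restricted Sites) are the values Office treats as "from the
# Internet" and opens in Protected View; a missing or empty tag gets no such
# treatment. The default folder is an assumption for this example.
param(
    [string]$Folder = "$env:USERPROFILE\Downloads"
)

function Get-MotwZone {
    param([Parameter(Mandatory)][string]$Path)
    try {
        # -Stream reads the alternate data stream; it throws if the stream is absent
        $content = Get-Content -LiteralPath $Path -Stream 'Zone.Identifier' -ErrorAction Stop
    } catch {
        return $null            # no MOTW tag at all
    }
    # The stream is INI-like: [ZoneTransfer] / ZoneId=3 / ReferrerUrl=... / HostUrl=...
    foreach ($line in $content) {
        if ($line -match '^ZoneId=(\d+)\s*$') { return [int]$Matches[1] }
    }
    return -1                   # stream exists but carries no ZoneId line
}

function Describe-MotwZone {
    param($Zone)
    if ($null -eq $Zone) { return 'NO MOTW (opens without Protected View)' }
    if ($Zone -eq -1)    { return 'Zone.Identifier present but no ZoneId' }
    if ($Zone -eq 3)     { return 'Internet' }
    if ($Zone -eq 4)     { return 'Restricted Sites' }
    return "Zone $Zone"
}

Get-ChildItem -LiteralPath $Folder -File -Recurse | ForEach-Object {
    $zone = Get-MotwZone -Path $_.FullName
    [pscustomobject]@{
        File   = $_.FullName
        ZoneId = $zone
        Status = Describe-MotwZone -Zone $zone
    }
} | Format-Table -AutoSize
```

Files reported as having no tag, or a stream without a `ZoneId`, are the ones worth a closer look, since the protections discussed above will not apply to them.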

Other actively exploited flaws added to the list are as follows:

  • CVE-2022-42475: Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
  • CVE-2022-27518: Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability
  • CVE-2022-26500: Veeam Backup & Replication Remote Code Execution Vulnerability
  • CVE-2022-26501: Veeam Backup & Replication Remote Code Execution Vulnerability