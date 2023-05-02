The US Cybersecurity and Infrastructure Security Agency (CISA) has added three more security flaws to its Known Exploited Vulnerabilities (KEV) catalog.

The US Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to the Known Exploited Vulnerabilities (KEV) catalog: a command injection flaw in TP-Link Archer AX-21 routers (CVE-2023-1389), a remote code execution vulnerability in the Apache Log4j2 logging library (CVE-2021-45046), and an unspecified vulnerability in Oracle WebLogic Server (CVE-2023-21839). Entries are added to the catalog only when CISA has evidence that the flaw is being actively exploited.

Details about the vulnerabilities

CVE-2023-1389 is a command injection vulnerability in the TP-Link Archer AX-21 router that lets an unauthenticated attacker inject commands that are executed as root. It carries a CVSS v3 base score of 8.8 (high). Consumer routers of this kind rarely update themselves, so the firmware version should be checked and updated manually, and the web management interface should not be reachable from the WAN side.

CVE-2021-45046 is a deserialization of untrusted data vulnerability in Apache Log4j2. It exists because the fix for Log4Shell (CVE-2021-44228) shipped in Log4j 2.15.0 was incomplete in certain non-default configurations: when the logging configuration uses a non-default Pattern Layout with a Context Lookup (for example $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc or %MDC), an attacker who controls Thread Context Map (MDC) input data can supply a JNDI lookup pattern, resulting in an information leak and remote code execution in some environments and local code execution in all environments. It is rated 9.0 (critical) on CVSS v3. The issue is fixed in Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7), which remove message lookup patterns and disable JNDI by default; the earlier formatMsgNoLookups mitigation does not cover this context-map path.
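A check a practitioner will want after reading the conditions above is whether a given Log4j deployment is actually exposed: is the version one of the unfixed ones, and does the configuration use the MDC patterns or ctx lookups that CVE-2021-45046 needs? The following Python script is an added example, not code from the article, CISA or the Log4j project. It assumes a Log4j 2.x XML configuration (the properties, JSON and YAML formats and programmatic configuration are not parsed), takes the trigger conditions and fixed releases from the advisory text, and uses a constructed sample configuration to show one default-style layout and one exposed layout side by side.

```python
import re
import xml.etree.ElementTree as ET

# Layout elements that copy Thread Context Map (MDC) data into the log line, or
# resolve a context lookup; on an unfixed version these are the inputs through
# which CVE-2021-45046 is triggered (per the CVE description).
MDC_PATTERN = re.compile(r"%(?:X|mdc|MDC)(?![A-Za-z])")
CTX_LOOKUP = re.compile(r"\$\$?\{ctx:")


def parse_version(version):
    """'2.15.0' -> (2, 15, 0); a suffix such as '-rc1' is ignored."""
    parts = [int(p) for p in version.split("-")[0].split(".")]
    return tuple((parts + [0, 0, 0])[:3])


def risky_patterns(config_xml):
    """Return every PatternLayout pattern that references MDC data or a ctx lookup."""
    root = ET.fromstring(config_xml)
    hits = []
    for layout in root.iter("PatternLayout"):
        pattern = layout.get("pattern")
        if pattern is None:  # nested <Pattern> element form
            child = layout.find("Pattern")
            pattern = (child.text or "") if child is not None else ""
        if MDC_PATTERN.search(pattern) or CTX_LOOKUP.search(pattern):
            hits.append(pattern.strip())
    return hits


def assess(version, config_xml):
    """Classify a Log4j 2.x deployment from its version and XML configuration.

    Fixed releases per the advisory: 2.16.0 on the main line, 2.12.2 on the
    Java 7 line. Anything older than 2.15.0 (or older than 2.12.2 on the 2.12
    line) is vulnerable to CVE-2021-44228 regardless of layout.
    """
    v = parse_version(version)
    if v[0] != 2:
        raise ValueError("only Log4j 2.x is covered by this check")
    java7_line = v[:2] == (2, 12)
    hits = risky_patterns(config_xml)
    if v >= ((2, 12, 2) if java7_line else (2, 16, 0)):
        status = "fixed"
    elif java7_line or v < (2, 15, 0):
        status = "vulnerable-cve-2021-44228"
    elif hits:
        status = "exposed-cve-2021-45046"
    else:
        status = "upgrade-required"  # 2.15.0 with a default-style layout
    return {"version": version, "status": status, "patterns": hits}


# Constructed sample configuration (not from any real deployment): the console
# appender uses a default-style layout, the audit appender pulls MDC fields in.
SAMPLE_CONFIG = """<Configuration status="WARN">
  <Appenders>
    <Console name="Console" target="SYSTEM_OUT">
      <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
    </Console>
    <File name="Audit" fileName="audit.log">
      <PatternLayout>
        <Pattern>%d %p user=%X{loginId} session=$${ctx:sessionId} %m%n</Pattern>
      </PatternLayout>
    </File>
  </Appenders>
  <Loggers>
    <Root level="info">
      <AppenderRef ref="Console"/>
      <AppenderRef ref="Audit"/>
    </Root>
  </Loggers>
</Configuration>"""

if __name__ == "__main__":
    for ver in ("2.14.1", "2.15.0", "2.16.0", "2.12.2"):
        print(assess(ver, SAMPLE_CONFIG))
```

The version string would normally come from the jar's manifest or a dependency lock file; the script deliberately keeps that separate so it can be fed from whichever inventory source is available. A clean result from this check only means the XML configuration does not use the triggering patterns; the only durable fix is the upgrade.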

CVE-2023-21839 is an unspecified vulnerability in the Core component of Oracle WebLogic Server that allows an unauthenticated attacker with network access via T3 or IIOP to compromise the server. Successful exploitation can result in unauthorized access to critical data or complete access to all data accessible to Oracle WebLogic Server. It carries a CVSS v3 base score of 7.5 (high) and was patched in Oracle's January 2023 Critical Patch Update. Restricting T3 and IIOP to trusted networks reduces exposure but is not a substitute for applying the patch.

Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies must remediate each catalog entry by its listed due date in order to protect FCEB networks against active threats. CISA also urges all organizations, not only federal agencies, to prioritize timely remediation of catalog vulnerabilities as part of their vulnerability management practice.
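Turning the catalog into a work queue is the practical step behind that directive: match the CVEs present in your asset inventory against the KEV feed and sort by due date. The script below is an added example, not from the article or from CISA. It uses the same field names as CISA's published JSON feed (https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json) but embeds a constructed three-entry sample whose descriptions and dates are sample values rather than the live catalog's, and the inventory of assets and CVEs is likewise made up for the example.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed (same field names as
# the real feed); descriptions and dates are sample values, not the live catalog.
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "sample",
    "dateReleased": "2023-05-02T00:00:00.0000Z",
    "count": 3,
    "vulnerabilities": [
        {"cveID": "CVE-2023-1389", "vendorProject": "TP-Link", "product": "Archer AX-21",
         "vulnerabilityName": "TP-Link Archer AX-21 Command Injection Vulnerability",
         "dateAdded": "2023-05-01", "shortDescription": "Unauthenticated command injection.",
         "requiredAction": "Apply updates per vendor instructions.",
         "dueDate": "2023-05-22", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
        {"cveID": "CVE-2021-45046", "vendorProject": "Apache", "product": "Log4j2",
         "vulnerabilityName": "Apache Log4j2 Deserialization of Untrusted Data Vulnerability",
         "dateAdded": "2023-05-01", "shortDescription": "Incomplete fix for CVE-2021-44228.",
         "requiredAction": "Apply updates per vendor instructions.",
         "dueDate": "2023-05-22", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
        {"cveID": "CVE-2023-21839", "vendorProject": "Oracle", "product": "WebLogic Server",
         "vulnerabilityName": "Oracle WebLogic Server Unspecified Vulnerability",
         "dateAdded": "2023-05-01", "shortDescription": "Unauthenticated network access via T3/IIOP.",
         "requiredAction": "Apply updates per vendor instructions.",
         "dueDate": "2023-05-22", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
    ],
})

# Constructed inventory: asset name -> CVE IDs reported by a scanner or SBOM tool.
SAMPLE_INVENTORY = {
    "edge-router-1": ["CVE-2023-1389"],
    "app-server-3": ["CVE-2021-45046", "CVE-2023-21839"],
    "db-1": [],
}


def load_kev(text):
    """Index the catalog by CVE ID."""
    return {entry["cveID"]: entry for entry in json.loads(text)["vulnerabilities"]}


def triage(kev_text, inventory, today_iso):
    """Match an inventory ({asset: [CVE IDs]}) against the catalog.

    Returns one finding per (asset, KEV CVE), most urgent first: overdue items
    first, then by due date, then by asset, so the list reads as a work queue.
    CVEs not in the catalog are skipped here; they still need fixing, they just
    carry no BOD 22-01 deadline.
    """
    kev = load_kev(kev_text)
    today = date.fromisoformat(today_iso)
    findings = []
    for asset, cves in inventory.items():
        for cve in cves:
            entry = kev.get(cve)
            if entry is None:
                continue
            due = date.fromisoformat(entry["dueDate"])
            findings.append({
                "asset": asset,
                "cve": cve,
                "product": f'{entry["vendorProject"]} {entry["product"]}',
                "due": due.isoformat(),
                "days_left": (due - today).days,
                "overdue": today > due,
                "action": entry["requiredAction"],
            })
    findings.sort(key=lambda f: (not f["overdue"], f["due"], f["asset"]))
    return findings


if __name__ == "__main__":
    for finding in triage(KEV_SAMPLE, SAMPLE_INVENTORY, "2023-05-10"):
        flag = "OVERDUE" if finding["overdue"] else f'{finding["days_left"]}d left'
        print(f'{finding["asset"]:14} {finding["cve"]:15} {finding["product"]:22} due {finding["due"]} ({flag})')
```

In practice the feed is downloaded on a schedule and `today_iso` is the run date; keeping both as parameters makes the function easy to test and lets the same code replay a past date when auditing whether a deadline was met.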