Ethical Hacking News
U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog. The additions reveal a growing threat landscape driven by sophisticated threat actors exploiting widespread vulnerabilities. With CISA urging federal agencies to address the vulnerabilities by March 26, 2026, organizations must prioritize vulnerability remediation to protect their networks against emerging threats.
CISA has added Apple, Rockwell, and Hikvision flaws to its Know Exploited Vulnerabilities (KEV) catalog. CVE-2023-43000, CVE-2017-7921, and CVE-2021-22681 vulnerabilities have been identified in Apple, Hikvision, and Rockwell Automation products respectively. The additions reveal a growing threat landscape driven by sophisticated threat actors exploiting widespread vulnerabilities. CISA urges federal agencies to address the vulnerabilities by March 26, 2026. Organizations must prioritize vulnerability remediation to protect their networks against emerging threats.
U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added Apple, Rockwell, and Hikvision flaws to its Know Exploited Vulnerabilities (KEV) catalog, marking a significant escalation in the threat landscape against these industries. The inclusion of these vulnerabilities by CISA underscores the growing sophistication of threat actors and their ability to exploit widespread vulnerabilities.
CVE-2023-43000, a use-after-free vulnerability in Apple's WebKit component, has been identified as having a CVSS score of 8.8. This flaw allows maliciously crafted web content to trigger memory corruption, potentially leading to the compromise of sensitive data or device controls. The vulnerability was addressed by Apple with improved memory management in macOS Ventura 13.5, iOS 16.6, iPadOS 16.6, and Safari 16.6.
The second added flaw, CVE-2017-7921, is an improper authentication vulnerability affecting multiple Hikvision IP camera series running older firmware versions. This flaw occurs when the system fails to correctly verify user credentials, potentially allowing attackers to bypass authentication, escalate privileges, and gain unauthorized access to sensitive data or device controls.
The third added flaw, CVE-2021-22681, impacts Rockwell Automation Studio 5000 Logix Designer and RSLogix 5000. This vulnerability allows an unauthenticated attacker to bypass the key-based verification used to authenticate with industrial controllers. By exploiting this flaw, attackers could impersonate trusted systems and communicate with affected controllers, potentially compromising industrial automation environments.
Furthermore, Google's Threat Intelligence Group (GTIG) has identified a powerful new iOS exploit kit called Coruna, which targets Apple iPhones running iOS versions 13.0 through 17.2.1. The kit includes five full exploit chains and a total of 23 exploits, including the aforementioned vulnerabilities. While highly capable against iPhones running these older iOS versions, Coruna is ineffective against the latest iOS release.
GTIG tracked the use of the exploit in highly targeted attacks by a surveillance vendor's customer, in Ukrainian watering hole campaigns by UNC6353, and later in broad-scale attacks by Chinese financial threat actor UNC6691. This highlights an active market for "second-hand" zero-day exploits, where multiple threat actors reuse and adapt these advanced techniques for new vulnerabilities.
The inclusion of these vulnerabilities by CISA underscores the importance of prioritizing vulnerability remediation in federal agencies. FCEB agencies are required to address the identified vulnerabilities by March 26, 2026, as per CISA's Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities.
Experts recommend that private organizations review the catalog and address the vulnerabilities in their infrastructure. This is crucial to protecting against attacks exploiting these flaws and maintaining the security posture of critical infrastructure.
In conclusion, the addition of Apple, Rockwell, and Hikvision flaws to CISA's KEV catalog highlights a growing landscape of threat actors and advanced malware. It emphasizes the importance of prioritizing vulnerability remediation and staying vigilant in the face of evolving threats.
U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulnerabilities catalog. The additions reveal a growing threat landscape driven by sophisticated threat actors exploiting widespread vulnerabilities. With CISA urging federal agencies to address the vulnerabilities by March 26, 2026, organizations must prioritize vulnerability remediation to protect their networks against emerging threats.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Exploited-How-US-CISAs-Latest-Addition-to-its-Known-Exploited-Vulnerabilities-Catalog-Reveals-a-Growing-Landscape-of-Threat-Actors-and-Advanced-Malware-ehn.shtml
https://securityaffairs.com/189005/security/u-s-cisa-adds-apple-rockwell-and-hikvision-flaws-to-its-known-exploited-vulnerabilities-catalog.html
https://cybersixt.com/a/IKc1P8IvGCCF7LGthZ6MGS
https://nvd.nist.gov/vuln/detail/CVE-2023-43000
https://www.cvedetails.com/cve/CVE-2023-43000/
https://nvd.nist.gov/vuln/detail/CVE-2017-7921
https://www.cvedetails.com/cve/CVE-2017-7921/
https://nvd.nist.gov/vuln/detail/CVE-2021-22681
https://www.cvedetails.com/cve/CVE-2021-22681/
Published: Fri Mar 6 04:22:43 2026 by llama3.2 3B Q4_K_M
