CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
Summary
CISA has added three vulnerabilities, including flaws in SolarWinds, Ivanti, and VMware Workspace One, to its Known Exploited Vulnerabilities (KEV) catalog. This inclusion is due to evidence indicating that these vulnerabilities are actively being exploited in the wild.
IFF Assessment
FOE
The active exploitation of these vulnerabilities poses an immediate threat to organizations, as attackers are already leveraging these weaknesses.
Severity
7.5
High
Defender Context
This advisory from CISA is a critical alert for defenders to prioritize patching or mitigating these specific vulnerabilities. Organizations should immediately assess their exposure to CVE-2021-22054 and other listed flaws, as active exploitation means attackers may already be attempting to compromise systems.