Six actively exploited security flaws impacting Roundcube webmail servers, VMware Aria Operations for Networks, Mozilla Firefox, and Microsoft Windows kernel-mode drivers have been included by the Cybersecurity and Infrastructure Security Agency in its Known Exploited Vulnerabilities catalog, SecurityWeek reports.
Russian state-sponsored hacking operation APT28 was discovered to facilitate attacks against Ukrainian government organizations using the Roundcube vulnerabilities, tracked as CVE-2021-44026, CVE-2020-35730, and CVE-2020-12641, all of which have been patched since 2021. Also among the newly-added bugs are the command injection flaw in VMware Aria Operations for Networks, tracked as CVE-2023-20887, which was addressed early this month but subjected to abuse during the past week; as well as old vulnerabilities in Firefox and the kernel-mode driver of Windows, tracked as CVE-2016-9079 and CVE-2016-0165, respectively. All vulnerabilities should be remediated by federal agencies by July 13. "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," said CISA.