Feb 4, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Win32k added to CISA KEV — confirmed in-the-wild exploitation.
  • Servisnet Tessa: public exploit or PoC linked (privilege escalation).
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2022-21882 Microsoft Win32k Privilege Escalation

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Potential privilege escalation to admin/root

Microsoft Win32k Privilege Escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Active exploit activity

CVE-2022-22831 An issue was discovered in Servisnet Tessa 0.0.2.

  • Public exploit or PoC available
  • Exploit activity linked
  • Potential privilege escalation to admin/root

The Servisnet Tessa privilege escalation now has a public exploit or PoC linked; assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2021-21960 Sealevel Seaconnect 370w Firmware RCE

  • CVSS 10
  • Remote code execution exposure

New critical Sealevel Seaconnect 370w Firmware RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Exploit & PoC activity

CVE-2022-22831 Exploit

An issue was discovered in Servisnet Tessa 0.0.2.

CVE-2022-22832 Exploit

An issue was discovered in Servisnet Tessa 0.0.2.

CVE-2022-22833 Exploit

An issue was discovered in Servisnet Tessa 0.0.2.

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2021-21960 CVSS 10

A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel Systems, Inc.

CVE-2021-21961 CVSS 10

A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems, Inc.

CVE-2021-21965 CVSS 9.3

A denial of service vulnerability exists in the SeaMax remote configuration functionality of Sealevel Systems, Inc.

CVE-2021-29393 CVSS 9.8

Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthe...

CVE-2021-29396 CVSS 9.8

Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to use vari...

CVE-2021-36152 CVSS 9.8

Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service.

CVE-2022-0365 CVSS 9.1

The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary...

CVE-2022-22987 CVSS 9.8

The affected product has a hardcoded private key available inside the project folder, which may allow an attacker to achieve Web Server l...

CVE-2022-23329 CVSS 9.8

New critical Ujcms Jspxcms exposure disclosed.

CVE-2022-23379 CVSS 9.8

Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid().

cvelogic Threat Intelligence