Mar 3, 2022 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers: 38 CVEs added to CISA KEV today.
8 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2002-0367
Microsoft Windows Privilege Escalation
Actively exploited (CISA KEV)
Listed on CISA KEV
Potential privilege escalation to admin/root
Microsoft Windows Privilege Escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Critical exposure
CVE-2022-22947
VMware Spring Cloud Gateway Code Injection
New critical disclosure (CVSS 10) — high severity with a short public awareness window before exploit material typically surfaces.
Critical exposure
CVE-2021-3762
A directory traversal vulnerability was found in the ClairCore engine of Clair.
CVSS 9.8
Remote code execution exposure
New critical Red Hat Clair RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Cisco Small Business RV Series Routers Stack-based Buffer Overflow
Cisco Small Business RV Series Routers Stack-based Buffer Overflow
Cisco Small Business RV Series Routers Stack-based Buffer Overflow
Cisco Small Business RV Series Routers Stack-based Buffer Overflow
Cisco Small Business RV Series Routers Stack-based Buffer Overflow
Microsoft Windows Installer Privilege Escalation
Treck TCP/IP stack Out-of-Bounds Read
Apache Tomcat Improper Privilege Management
Microsoft Excel Remote Code Execution
Cisco Small Business Routers Improper Input Validation
Microsoft Exchange Server Privilege Escalation
Exploitation dynamics
Nothing flagged in this category for this digest.
New critical disclosures
A directory traversal vulnerability was found in the ClairCore engine of Clair.
Improper Restriction of XML External Entity Reference in GitHub repository hazelcast/hazelcast in 5.1-BETA-1.
Under certain LDAP conditions, Cacti authentication can be bypassed with certain credential types.
OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4.
VMware Spring Cloud Gateway Code Injection
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml.
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java.
MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp.