Mar 15, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Microsoft Windows: 14 CVEs added to CISA KEV today.
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2015-2546 Microsoft Win32k Memory Corruption

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV

Microsoft Win32k Memory Corruption is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2022-26997 Commscope Arris Tr3300 Firmware Command Injection

  • CVSS 9.8

New critical Commscope Arris Tr3300 Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2022-26998 Commscope Arris Tr3300 Firmware Command Injection

  • CVSS 9.8

New critical Commscope Arris Tr3300 Firmware Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

CVE-2019-1405 KEV

Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation

CVE-2019-1315 KEV

Microsoft Windows Error Reporting Manager Privilege Escalation

CVE-2019-1253 KEV

Microsoft Windows AppX Deployment Server Privilege Escalation

CVE-2019-1129 KEV

Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation

CVE-2019-1064 KEV

Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation

CVE-2019-1069 KEV

Microsoft Task Scheduler Privilege Escalation

CVE-2019-0841 KEV

Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-43958 CVSS 9.8

Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as res...

CVE-2022-26997 CVSS 9.8

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp function via the upnp_ttl parameter.

CVE-2022-26998 CVSS 9.8

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps setting function via the wps_enrolee_pin para...

CVE-2022-26999 CVSS 9.8

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wan_ip_stat,...

CVE-2022-27000 CVSS 9.8

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp...

CVE-2022-27001 CVSS 9.8

Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter.

CVE-2022-27002 CVSS 9.8

Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddn...

CVE-2022-27003 CVSS 9.8

Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnera...

CVE-2022-27004 CVSS 9.8

Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnera...

CVE-2022-27005 CVSS 9.8

Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnera...

View critical disclosures

cvelogic Threat Intelligence