Apr 14, 2022 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • VMware Workspace ONE Access And Identity Manager added to CISA KEV — confirmed in-the-wild exploitation.
  • 9 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Critical active threat

CVE-2022-22954 VMware Workspace ONE Access and Identity Manager Server-Side Template Injection

  • Actively exploited (CISA KEV)
  • Listed on CISA KEV
  • Remote code execution exposure

VMware Workspace ONE Access And Identity Manager RCE is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.

Critical exposure

CVE-2021-40422 Swiftsensors Sg3-1010 Firmware RCE

  • CVSS 10
  • Remote code execution exposure

New critical Swiftsensors Sg3-1010 Firmware RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-21938 Accusoft Imagegear Code Execution

  • CVSS 9.8
  • Remote code execution exposure

New critical Accusoft Imagegear Code Execution (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

VMware Workspace ONE Access and Identity Manager Server-Side Template Injection

View KEV additions

Exploit & PoC activity

Nothing flagged in this category for this digest.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-21938 CVSS 9.8

A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10.

CVE-2021-40390 CVSS 9.8

An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4.

CVE-2021-40422 CVSS 10

An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010.

CVE-2021-43290 CVSS 9.8

An issue was discovered in ThoughtWorks GoCD before 21.3.0.

CVE-2022-24846 CVSS 9.1

GeoWebCache is a tile caching server implemented in Java.

CVE-2022-26034 CVSS 9.1

Improper authentication vulnerability in the communication protocol provided by AD (Automation Design) server of CENTUM VP R6.01.10 to R6...

CVE-2022-26507 CVSS 9.8

A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7.

CVE-2022-27007 CVSS 9.8

nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved w...

CVE-2022-28711 CVSS 9.8

A memory corruption vulnerability exists in the cgi.c unescape functionality of ArduPilot APWeb master branch 50b6b7ac - master branch 46...

View critical disclosures

cvelogic Threat Intelligence