The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The security vulnerabilities are as follows –
- CVE-2023-1389 (CVSS score: 8.8) – TP-Link Archer AX-21 Command Injection Vulnerability
- CVE-2021-45046 (CVSS score: 9.0) – Apache Log4j2 Deserialization of Untrusted Data Vulnerability
- CVE-2023-21839 (CVSS score: 7.5) – Oracle WebLogic Server Unspecified Vulnerability
CVE-2023-1389 concerns a case of command injection affecting TP-Link Archer AX-21 routers that could be exploited to achieve remote code execution. According to Trend Micro’s Zero Day Initiative, the flaw has been put to use by threat actors associated with the Mirai botnet since April 11, 2023.