[Security Vulnerability Alert] CISA adds 11 vulnerabilities known to be exploited by hackers to the KEV catalog (2026/02/09-2026/02/15)

 
2026/2/25 ~ 2026/9/25

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202602-00000009

[Content Description]
【CVE-2026-21513】Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability (CVSS v3.1: 8.8)
【Exploited by Ransomware: Unknown】 A vulnerability exists in the Microsoft MSHTML Framework that weakens its protection mechanism, potentially allowing unauthorized attackers to bypass security features over the network.

【CVE-2026-21525】Microsoft Windows NULL Pointer Dereference Vulnerability (CVSS v3.1: 6.2)
【Exploited by Ransomware: Unknown】 A vulnerability exists in Microsoft Windows Remote Access Connection Manager that dereferences a null pointer, potentially allowing unauthorized attackers to cause service disruption on the local machine.

【CVE-2026-21510】Microsoft Windows Shell Protection Mechanism Failure Vulnerability (CVSS v3.1: 8.8)
【Exploited by Ransomware: Unknown】 A vulnerability exists in the Microsoft Windows Shell that compromises its protection mechanism, potentially allowing unauthorized attackers to bypass security features over a network.

【CVE-2026-21533】Microsoft Windows Improper Privilege Management Vulnerability (CVSS v3.1: 7.8)
【Exploited by Ransomware: Unknown】 An improper privilege management vulnerability exists in Microsoft Windows Remote Desktop Services, potentially allowing authorized attackers to escalate privileges on the local machine.

【CVE-2026-21519】Microsoft Windows Type Confusion Vulnerability (CVSS v3.1: 7.8)
【Exploited by Ransomware: Unknown】 A type confusion vulnerability exists in Microsoft Desktop Windows Manager, potentially allowing authorized attackers to escalate privileges on the local machine.

【CVE-2026-21514】Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability (CVSS v3.1: 7.8)
【Exploited by Ransomware: Unknown】 Microsoft Office Word relies on untrusted input in a security decision, potentially allowing an authorized attacker to escalate privileges on the local machine.

【CVE-2026-20700】Apple Multiple Buffer Overflow Vulnerability (CVSS v3.1: 7.8)
【Exploited by Ransomware: Unknown】 Apple iOS, macOS, tvOS, watchOS, and visionOS contain a buffer overflow vulnerability that could allow an attacker with write access to memory to execute arbitrary code.

【CVE-2024-43468】Microsoft Configuration Manager SQL Injection Vulnerability (CVSS v3.1: 9.8)
【Exploited by Ransomware: Unknown】 Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could execute commands on the server and/or underlying database by sending specially crafted requests to the target environment.

【CVE-2025-15556】Notepad++ Download of Code Without Integrity Check Vulnerability (CVSS v3.1: 7.5)
【Exploited by Ransomware: Unknown】 A vulnerability exists in Notepad++ in which the WinGUp update program downloads code without integrity checks. This could allow unauthenticated attackers to intercept or redirect update traffic, causing an attacker-controlled installer to be downloaded and executed.

This vulnerability could allow attackers to execute arbitrary code with user privileges.

【CVE-2025-40536】SolarWinds Web Help Desk Security Control Bypass Vulnerability (CVSS v3.1: 8.1)
【Exploited by Ransomware: Unknown】 A security control bypass vulnerability exists in SolarWinds Web Help Desk, which could allow unauthenticated attackers to access some restricted functions.

【CVE-2026-1731】BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability (CVSS v3.1: 9.8)
【Exploited by Ransomware: Yes】 An operating system command injection vulnerability exists in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA).

This vulnerability could allow an unauthenticated remote attacker to execute operating system commands as a website user.

This vulnerability can be exploited without authentication or user interaction, potentially leading to system intrusion, including unauthorized access, data breaches, and service interruptions.

[Affected Platforms]
【CVE-2026-21513】Please refer to the official list of affected versions: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21513

【CVE-2026-21525】Please refer to the official list of affected versions: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21525

【CVE-2026-21510】Please refer to the official list of affected versions: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21510

【CVE-2026-21533】Please refer to the official list of affected versions: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21533

【CVE-2026-21519】Please refer to the official affected versions listed here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21519

【CVE-2026-21514】Please refer to the official affected versions listed here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21514

【CVE-2026-20700】Please refer to the official affected versions listed here: https://support.apple.com/en-us/100100

【CVE-2024-43468】Please refer to the official affected versions listed here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468

【CVE-2025-15556】Please refer to the official affected versions listed here: https://notepad-plus-plus.org//news//clarification-security-incident/

【CVE-2025-40536】Please refer to the affected versions listed by the official documentation: https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40536

【CVE-2026-1731】Please refer to the affected versions listed by the official documentation: https://www.beyondtrust.com/trust-center/security-advisories/bt26-02

[Recommended Actions]
【CVE-2026-21513】An official patch update has been released for this vulnerability. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21513

【CVE-2026-21525】An official patch update has been released for this vulnerability. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21525

【CVE-2026-21510】An official patch update has been released for this vulnerability. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21510

【CVE-2026-21533】An official patch update has been released for this vulnerability. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21533

【CVE-2026-21519】An official patch update has been released for this vulnerability. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21519

【CVE-2026-21514】An official patch update has been released for this vulnerability. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21514

【CVE-2026-20700】An official patch update has been released for this vulnerability. Please update to the relevant version: https://support.apple.com/en-us/100100

【CVE-2024-43468】An official patch update has been released for this vulnerability. Please update to the relevant version: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43468

【CVE-2025-15556】An official patch update has been released for this vulnerability. Please update to the relevant version: https://notepad-plus-plus.org//news//clarification-security-incident/

【CVE-2025-40536】An official patch update has been released for this vulnerability. Please update to the relevant version: https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40536

【CVE-2026-1731】An official patch update has been released for this vulnerability. Please update to the relevant version: https://www.beyondtrust.com/trust-center/security-advisories/bt26-02
