Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202602-00000010
[Content Description]
【CVE-2020-7796】Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability (CVSS v3.1: 9.8)
【Exploited by Ransomware: Unknown】Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery vulnerability when the WebEx zimlet is installed and zimlet JSP is enabled.
【CVE-2024-7694】TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability (CVSS v3.1: 7.2)
【Exploited by Ransomware: Unknown】The TeamT5 ThreatSonar Anti-Ransomware product's file upload content filtering is inadequate. A remote attacker with administrative privileges on the product platform can upload malicious files and execute arbitrary system commands on the server using those files.
【CVE-2008-0015】Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability (CVSS v3.1: 8.8)
【Exploited by Ransomware: Unknown】A remote code execution vulnerability exists in the Microsoft Windows Video ActiveX control. An attacker can exploit it by creating a specially crafted webpage; when a user browses that page, remote code execution may occur. An attacker who successfully exploits this vulnerability may gain the same privileges as the logged-in user.
【CVE-2026-2441】Google Chromium CSS Use-After-Free Vulnerability (CVSS v3.1: 8.8)
【Exploited by Ransomware: Unknown】A use-after-free memory vulnerability exists in Google Chromium CSS, which could allow a remote attacker to exploit heap corruption through specially crafted HTML pages. This vulnerability may affect multiple web browsers that use Chromium, including but not limited to Google Chrome, Microsoft Edge, and Opera.
【CVE-2021-22175】GitLab Server-Side Request Forgery (SSRF) Vulnerability (CVSS v3.1: 6.8)
【Exploited by Ransomware: Unknown】GitLab has a server-side request forgery vulnerability when webhook requests to the internal network are enabled.
【CVE-2026-22769】Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability (CVSS v3.1: 10.0)
【Exploited by Ransomware: Unknown】A hard-coded credential vulnerability exists in Dell RecoverPoint for Virtual Machines (RP4VMs), potentially allowing an unauthenticated remote attacker to gain persistent access to the underlying operating system.
【CVE-2025-49113】RoundCube Webmail Deserialization of Untrusted Data Vulnerability (CVSS v3.1: 9.9)
【Exploited by Ransomware: Unknown】RoundCube Webmail contains a deserialization of untrusted data vulnerability. Because program/actions/settings/upload.php fails to validate the _from parameter in the URL, an authenticated user could use this vulnerability to execute code remotely.
【CVE-2025-68461】RoundCube Webmail Cross-site Scripting Vulnerability (CVSS v3.1: 7.2)
【Exploited by Ransomware: Unknown】RoundCube Webmail contains a cross-site scripting vulnerability that attackers can exploit through the animate tag in SVG files.
[Affected Platforms]
【CVE-2020-7796】Please refer to the official list of affected versions: https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P7
【CVE-2024-7694】ThreatSonar Anti-Ransomware versions 3.4.5 and earlier
【CVE-2008-0015】Please refer to the official list of affected versions: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037
【CVE-2026-2441】Please refer to the official list of affected versions: https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html
【CVE-2021-22175】Please refer to the official list of affected versions: https://about.gitlab.com/releases/2021/02/11/security-release-gitlab-13-8-4-released/
【CVE-2026-22769】Please refer to the official list of affected versions: https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079
【CVE-2025-49113】Please refer to the official list of affected versions: https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10
【CVE-2025-68461】Please refer to the official list of affected versions: https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12
[Recommended Actions]
【CVE-2020-7796】An official patch has been released for this vulnerability. Please update to the relevant version: https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P7
【CVE-2024-7694】Update to version 3.5.0 or later, or use Hotfix-20240715 to patch the vulnerability.
【CVE-2008-0015】An official patch update has been released for this vulnerability. Please update to the relevant version: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037
【CVE-2026-2441】An official patch update has been released for this vulnerability. Please update to the relevant version: https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html
【CVE-2021-22175】An official patch update has been released for this vulnerability. Please update to the relevant version: https://about.gitlab.com/releases/2021/02/11/security-release-gitlab-13-8-4-released/
【CVE-2026-22769】An official patch update has been released for this vulnerability. Please update to the relevant version: https://www.dell.com/support/kbdoc/en-us/000426773/dsa-2026-079
【CVE-2025-49113】An official patch update has been released for this vulnerability. Please update to the relevant version: https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10
【CVE-2025-68461】An official patch update has been released for this vulnerability. Please update to the relevant version: https://roundcube.net/news/2025/12/13/security-updates-1.6.12-and-1.5.12