Discover Government News
Exploited Control Web Panel Flaw Added to CISA 'Must-Patch' List
The US government’s cybersecurity agency CISA is giving federal agencies an early February deadline to patch a critical -- and already exploited -- security vulnerability in the widely used CentOS Control Web Panel utility.
The agency added the CVE-2022-44877 flaw to its KEV (Known Exploited Vulnerabilities) catalog and set a February 7th deadline for federal agencies to test and deploy an available fix.
Security researchers warned earlier this month that the publication of proof-of-concept code and a YouTube video demonstration would lead to live attacks. Soon after, threat-hunting outfits GreyNoise and Shadowserver spotted signs of exploitation in the wild.