Active Attack: FBI warns of 0-day to FatPipe WARP, MPVPN, and IPVPN Software being

LINK FatPipe released a patch and security advisory, FPSA006, on November 16, 2021, that fixes the vulnerability. All FatPipe WARP, MPVPN, and IPVPN device software prior to releases 10.1.2r60p93 and 10.2.2r44p1 are vulnerable. The security advisory and additional details are available at the following URL: https://fatpipeinc.com/support/cve-list.php.

CISA Updates their “Known Exploited Vulnerability” list with 4 new CVEs

The following are being added CVE Number CVE Title Remediation Due Date CVE-2021-22204 Exiftool Remote Code Execution vulnerability 12/01/2021 CVE-2021-40449 Microsoft Win32k Elevation of Privilege     12/01/2021 CVE-2021-42292 Microsoft Excel Security Feature Bypass     12/01/2021 CVE-2021-42321 Microsoft Exchange Server Remote Code Execution     12/01/2021 The Master List is now presented by CISA in a CSV. […]