The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The two flaws are listed below –
CVE-2023-20963 (CVSS score: 7.8) – Android Framework Privilege Escalation Vulnerability
CVE-2023-29492 (CVSS score: TBD) – Novi Survey Insecure Deserialization Vulnerability
This article has been indexed from The Hacker News
Read the original article: