U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference and Adobe ColdFusion Improper Access Control vulnerabilities to its Known Exploited Vulnerabilities catalog.
The Windows Kernel-Mode Driver vulnerability can allow a local attacker to gain SYSTEM privileges.
The Adobe ColdFusion vulnerability can lead to arbitrary file reads through an exposed admin panel.