CISA added Sophos, Oracle, and Microsoft product flaws to its Known Exploited Vulnerabilities catalog.
The Sophos flaw CVE-2023-1671 is a critical vulnerability that can be exploited for arbitrary code execution.
CVE-2020-2551 is an Oracle WebLogic Server flaw targeted by a Chinese threat actor in attacks on government and critical infrastructure organizations in Taiwan. [ more ]