CISA Alert AA22-279A – Top CVEs actively exploited by People’s Republic of China state-sponsored cyber actors.

This is a CISA Cybersecurity Alert. ID number Alpha Alpha Two Two tack Two Seven Nine Alpha.

Original release date – October sixth, twenty twenty two.

This joint Cybersecurity Advisory provides the top Common Vulnerabilities and Exposures used by the People’s Republic of China state-sponsored cyber actors. PRC cyber actors continue to exploit these known vulnerabilities and use publicly available tools to target networks of interest. PRC state-sponsored cyber actors have actively targeted U.S. and allied networks as well as software and hardware companies to steal intellectual property and develop access into sensitive networks.

CISA, FBI, and NSA have assessed that the twenty CVEs outlined in the alert documentation are the most common vulnerabilities exploited by PRC state-sponsored cyber actors since 2020. PRC state-sponsored cyber actors continue to exploit these known vulnerabilities to actively target U.S. and allied networks as well as software and hardware companies to steal intellectual property and develop access to sensitive networks.

PRC state-sponsored cyber activities are one of the largest and most dynamic threats to U.S. government and civilian networks. PRC state-sponsored cyber actors continue to target government and critical infrastructure networks with a diverse array of new and adaptive techniques—some of which pose a significant risk to telecommunications providers, the Defense Industrial Base, and other critical infrastructure organizations.

NSA, CISA, and FBI urge U.S. and allied governments, critical infrastructure, and private sector organizations to apply the recommendations listed in the Mitigations section and Appendix A of the alert documentation linked in the show notes to increase their defensive posture and reduce the threat of compromise from PRC state-sponsored malicious cyber actors.

To report incidents and anomalous activity or to request incident response resources or technical assistance, contact CISA at report@cisa.gov, or call (888) 282-0870, or report incidents to your local FBI field office.

This report was written by CISA, the United States Cybersecurity and Infrastructure Security Agency, and edited and adapted for audio by the CyberWire as a public service. Please visit www dot cisa dot gov to read the full report which may include additional details, links, and illustrations. A link to this report can be found in the show notes.

This has been a CISA Cybersecurity Alert.