CVE-2021-27852 added to CISA KEV: Checkbox Checkbox Survey

Status: ✅ Confirmed exploited in the wild

Date added: 2022-04-11

Required action: Versions 6 and earlier for this product are end-of-life and must be removed from agency networks. Versions 7 and later are not considered vulnerable.

Due date: 2022-05-02

Why this matters

Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.

Sources

CISA KEV catalog entry
NVD detail page
MITRE CVE record

Lyrie Verdict

Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.

#checkbox #checkbox-survey #cisa-kev #exploited-itw

Validated sources

[1]CISA Known Exploited Vulnerabilities Catalog
[2]NVD entry
[3]MITRE CVE record