CISA Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    9.8

    CVSS31
    CVE-2023-48788 - Fortinet FortiClient EMS SQL Injection Vulnerability -

    Action Due Apr 15, 2024 Target Vendor : Fortinet

    Description : Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://www.fortiguard.com/psirt/FG-IR-24-007

    Alert Date: Mar 25, 2024 | 175 days ago

    9.8

    CVSS31
    CVE-2024-27198 - JetBrains TeamCity Authentication Bypass Vulnerability -

    Action Due Mar 28, 2024 Target Vendor : JetBrains

    Description : JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://www.jetbrains.com/help/teamcity/teamcity-2023-11-4-release-notes.html

    Alert Date: Mar 07, 2024 | 193 days ago

    7.8

    CVSS31
    CVE-2024-23225 - Apple iOS and iPadOS Memory Corruption Vulnerability -

    Action Due Mar 27, 2024 Target Vendor : Apple

    Description : Apple iOS and iPadOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082

    Alert Date: Mar 06, 2024 | 194 days ago

    7.8

    CVSS31
    CVE-2024-23296 - Apple iOS and iPadOS Memory Corruption Vulnerability -

    Action Due Mar 27, 2024 Target Vendor : Apple

    Description : Apple iOS and iPadOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.apple.com/en-us/HT214081

    Alert Date: Mar 06, 2024 | 194 days ago

    6.2

    CVSS31
    CVE-2023-21237 - Android Pixel Information Disclosure Vulnerability -

    Action Due Mar 26, 2024 Target Vendor : Android

    Description : Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means to hide a foreground service notification. This could enable a local attacker to disclose sensitive information.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://source.android.com/docs/security/bulletin/pixel/2023-06-01

    Alert Date: Mar 05, 2024 | 195 days ago

    9.8

    CVSS31
    CVE-2021-36380 - Sunhillo SureLine OS Command Injection Vulnerablity -

    Action Due Mar 26, 2024 Target Vendor : Sunhillo

    Description : Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device for persistence on the network via shell metacharacters in ipAddr or dnsAddr in /cgi/networkDiag.cgi.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://www.sunhillo.com/fb011/

    Alert Date: Mar 05, 2024 | 195 days ago

    7.8

    CVSS31
    CVE-2024-21338 - Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability -

    Action Due Mar 25, 2024 Target Vendor : Microsoft

    Description : Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21338

    Alert Date: Mar 04, 2024 | 196 days ago

    8.4

    CVSS31
    CVE-2023-29360 - Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability -

    Action Due Mar 21, 2024 Target Vendor : Microsoft

    Description : Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360

    Alert Date: Feb 29, 2024 | 200 days ago

    10.0

    CVSS31
    CVE-2024-1709 - ConnectWise ScreenConnect Authentication Bypass Vulnerability -

    Action Due Feb 29, 2024 Target Vendor : ConnectWise

    Description : ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-level account on affected devices.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8

    Alert Date: Feb 22, 2024 | 207 days ago

    7.5

    CVSS31
    CVE-2020-3259 - Cisco ASA and FTD Information Disclosure Vulnerability -

    Action Due Mar 07, 2024 Target Vendor : Cisco

    Description : Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. This vulnerability affects only specific AnyConnect and WebVPN configurations.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB

    Alert Date: Feb 15, 2024 | 214 days ago

    9.8

    CVSS31
    CVE-2024-21410 - Microsoft Exchange Server Privilege Escalation Vulnerability -

    Action Due Mar 07, 2024 Target Vendor : Microsoft

    Description : Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21410

    Alert Date: Feb 15, 2024 | 214 days ago

    8.1

    CVSS31
    CVE-2024-21412 - Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability -

    Action Due Mar 05, 2024 Target Vendor : Microsoft

    Description : Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21412

    Alert Date: Feb 13, 2024 | 216 days ago

    7.6

    CVSS31
    CVE-2024-21351 - Microsoft Windows SmartScreen Security Feature Bypass Vulnerability -

    Action Due Mar 05, 2024 Target Vendor : Microsoft

    Description : Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21351

    Alert Date: Feb 13, 2024 | 216 days ago

    6.1

    CVSS31
    CVE-2023-43770 - Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability -

    Action Due Mar 04, 2024 Target Vendor : Roundcube

    Description : Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that can lead to information disclosure via malicious link references in plain/text messages.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://roundcube.net/news/2023/09/15/security-update-1.6.3-released

    Alert Date: Feb 12, 2024 | 217 days ago

    9.8

    CVSS31
    CVE-2024-21762 - Fortinet FortiOS Out-of-Bound Write Vulnerability -

    Action Due Feb 16, 2024 Target Vendor : Fortinet

    Description : Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://fortiguard.fortinet.com/psirt/FG-IR-24-015

    Alert Date: Feb 09, 2024 | 220 days ago

    8.8

    CVSS31
    CVE-2023-4762 - Google Chromium V8 Type Confusion Vulnerability -

    Action Due Feb 27, 2024 Target Vendor : Google

    Description : Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html

    Alert Date: Feb 06, 2024 | 223 days ago

    7.0

    CVSS31
    CVE-2022-48618 - Apple Multiple Products Improper Authentication Vulnerability -

    Action Due Feb 21, 2024 Target Vendor : Apple

    Description : Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an improper authentication vulnerability that allows an attacker with read and write capabilities to bypass Pointer Authentication.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.apple.com/en-us/HT213530, https://support.apple.com/en-us/HT213532, https://support.apple.com/en-us/HT213535, https://support.apple.com/en-us/HT213536

    Alert Date: Jan 31, 2024 | 229 days ago

    8.2

    CVSS31
    CVE-2024-21893 - Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability -

    Action Due Feb 02, 2024 Target Vendor : Ivanti

    Description : Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://forums.ivanti.com/s/article/KB-CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

    Alert Date: Jan 31, 2024 | 229 days ago

    9.8

    CVSS31
    CVE-2023-22527 - Atlassian Confluence Data Center and Server Template Injection Vulnerability -

    Action Due Feb 14, 2024 Target Vendor : Atlassian

    Description : Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html

    Alert Date: Jan 24, 2024 | 236 days ago

    8.8

    CVSS31
    CVE-2024-23222 - Apple Multiple Products Type Confusion Vulnerability -

    Action Due Feb 13, 2024 Target Vendor : Apple

    Description : Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content.

    Action : Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214056, https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063

    Alert Date: Jan 23, 2024 | 237 days ago
Showing 20 of 1170 Results

Filters