CISA Known Exploited Vulnerabilities Catalog
8.8
CVE-2020-8467 - Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Trend Micro
Description : Trend Micro Apex One and OfficeScan contain an unspecified vulnerability within a migration tool component that allows for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2020-8468 - Trend Micro Multiple Products Content Validation Escape Vulnerability -
Action Due May 03, 2022 Target Vendor : Trend Micro
Description : Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2020-24557 - Trend Micro Multiple Products Improper Access Control Vulnerability -
Action Due May 03, 2022 Target Vendor : Trend Micro
Description : Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2020-8599 - Trend Micro Apex One and OfficeScan Authentication Bypass Vulnerability -
Action Due May 03, 2022 Target Vendor : Trend Micro
Description : Trend Micro Apex One and OfficeScan server contain a vulnerable EXE file that could allow a remote attacker to write data to a path on affected installations and bypass root login.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2021-27104 - Accellion FTA OS Command Injection Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Accellion
Description : Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.8
CVE-2021-27102 - Accellion FTA OS Command Injection Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Accellion
Description : Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
9.8
CVE-2021-27101 - Accellion FTA SQL Injection Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Accellion
Description : Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
9.8
CVE-2021-27103 - Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Accellion
Description : Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
8.8
CVE-2021-21017 - Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Adobe
Description : Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.8
CVE-2021-28550 - Adobe Acrobat and Reader Use-After-Free Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Adobe
Description : Adobe Acrobat and Reader contains a use-after-free vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2018-4939 - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability -
Action Due May 03, 2022 Target Vendor : Adobe
Description : Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2018-15961 - Adobe ColdFusion Unrestricted File Upload Vulnerability -
Action Due May 03, 2022 Target Vendor : Adobe
Description : Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2018-4878 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due May 03, 2022 Target Vendor : Adobe
Description : Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Known
8.8
CVE-2020-5735 - Amcrest Cameras and NVR Stack-based Buffer Overflow Vulnerability -
Action Due May 03, 2022 Target Vendor : Amcrest
Description : Amcrest cameras and NVR contain a stack-based buffer overflow vulnerability through port 37777 that allows an unauthenticated, remote attacker to crash the device and possibly execute code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2019-2215 - Android Kernel Use-After-Free Vulnerability -
Action Due May 03, 2022 Target Vendor : Android
Description : Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed chained with CVE-2020-0041 and CVE-2020-0069 under exploit chain "AbstractEmu."
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2020-0041 - Android Kernel Out-of-Bounds Write Vulnerability -
Action Due May 03, 2022 Target Vendor : Android
Description : Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0069 under exploit chain "AbstractEmu."
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2020-0069 - Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability -
Action Due May 03, 2022 Target Vendor : MediaTek
Description : Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0041 under exploit chain "AbstractEmu."
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.1
CVE-2017-9805 - Apache Struts Deserialization of Untrusted Data Vulnerability -
Action Due May 03, 2022 Target Vendor : Apache
Description : Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2021-42013 - Apache HTTP Server Path Traversal Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apache
Description : Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default �require all denied� or if CGI scripts are enabled. This CVE ID resolves an incomplete patch for CVE-2021-41773.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.5
CVE-2021-41773 - Apache HTTP Server Path Traversal Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apache
Description : Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default �require all denied� or if CGI scripts are enabled. The original patch issued under this CVE ID is insufficient, please review remediation information under CVE-2021-42013.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known