CISA Known Exploited Vulnerabilities Catalog
9.0
CVE-2014-1812 - Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description : Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
9.8
CVE-2021-38647 - Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.8
CVE-2016-0167 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description : Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
7.5
CVE-2020-0878 - Microsoft Edge and Internet Explorer Memory Corruption Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description : Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
5.5
CVE-2021-31955 - Microsoft Windows Kernel Information Disclosure Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
7.8
CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
8.4
CVE-2021-33739 - Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description : Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown