CISA Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    10.0

    CVSS31
    CVE-2019-11510 - Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability -

    Action Due Apr 23, 2021 Target Vendor : Ivanti

    Description : Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2019-11510

    Alert Date: Nov 03, 2021 | 1128 days ago

    9.8

    CVSS31
    CVE-2020-11651 - SaltStack Salt Authentication Bypass Vulnerability -

    Action Due May 03, 2022 Target Vendor : SaltStack

    Description : SaltStack Salt contains an authentication bypass vulnerability in the salt-master process ClearFuncs due to improperly validating method calls. The vulnerability allows a remote user to access some methods without authentication, which can be used to retrieve user tokens from the salt master and/or run commands on salt minions. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-11651

    Alert Date: Nov 03, 2021 | 1128 days ago

    9.8

    CVSS31
    CVE-2021-20021 - SonicWall Email Security Improper Privilege Management Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SonicWall

    Description : SonicWall Email Security contains an improper privilege management vulnerability that allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20022 and CVE-2021-20023 to achieve privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-20021

    Alert Date: Nov 03, 2021 | 1128 days ago

    9.8

    CVSS31
    CVE-2020-10181 - Sumavision EMR Cross-Site Request Forgery (CSRF) Vulnerability -

    Action Due May 03, 2022 Target Vendor : Sumavision

    Description : Sumavision Enhanced Multimedia Router (EMR) contains a cross-site request forgery (CSRF) vulnerability allowing the creation of users with elevated privileges as administrator on a device.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-10181

    Alert Date: Nov 03, 2021 | 1128 days ago

    7.0

    CVSS31
    CVE-2019-18988 - TeamViewer Desktop Bypass Remote Login Vulnerability -

    Action Due May 03, 2022 Target Vendor : TeamViewer

    Description : TeamViewer Desktop allows for bypass of remote-login access control because the same AES key is used for different customers' installations. If an attacker were to know this key, they could decrypt protected information stored in registry or configuration files or decryption of the Unattended Access password to the system (which allows for remote login to the system).

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-18988

    Alert Date: Nov 03, 2021 | 1128 days ago

    7.8

    CVSS31
    CVE-2020-24557 - Trend Micro Multiple Products Improper Access Control Vulnerability -

    Action Due May 03, 2022 Target Vendor : Trend Micro

    Description : Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-24557

    Alert Date: Nov 03, 2021 | 1128 days ago

    9.8

    CVSS31
    CVE-2020-5847 - Unraid Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Unraid

    Description : Unraid contains a vulnerability due to the insecure use of the extract PHP function that can be abused to execute remote code as root. This CVE is chainable with CVE-2020-5849 for initial access.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-5847

    Alert Date: Nov 03, 2021 | 1128 days ago

    9.8

    CVSS31
    CVE-2019-5544 - VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : VMware

    Description : VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-5544

    Alert Date: Nov 03, 2021 | 1128 days ago

    6.5

    CVSS30
    CVE-2019-8394 - Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Zoho

    Description : Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files via login page customization.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-8394

    Alert Date: Nov 03, 2021 | 1128 days ago
Showing 20 of 1229 Results

Filters

© cvefeed.io
Latest DB Update: Dec. 05, 2024 4:22