CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    8.8

    HIGH
    CVE-2023-2033 - Google Chromium V8 Type Confusion Vulnerability -

    Action Due May 08, 2023 Target Vendor : Google

    Description : Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.html; https://nvd.nist.gov/vuln/detail/CVE-2023-2033

    Alert Date: Apr 17, 2023 | 874 days ago

    7.8

    HIGH
    CVE-2019-8526 - Apple macOS Use-After-Free Vulnerability -

    Action Due May 08, 2023 Target Vendor : Apple

    Description : Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.apple.com/en-us/HT209600; https://nvd.nist.gov/vuln/detail/CVE-2019-8526

    Alert Date: Apr 17, 2023 | 874 days ago

    9.8

    CRITICAL
    CVE-2023-29492 - Novi Survey Insecure Deserialization Vulnerability -

    Action Due May 04, 2023 Target Vendor : Novi Survey

    Description : Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://novisurvey.net/blog/novi-survey-security-advisory-apr-2023.aspx; https://nvd.nist.gov/vuln/detail/CVE-2023-29492

    Alert Date: Apr 13, 2023 | 878 days ago

    7.8

    HIGH
    CVE-2023-20963 - Android Framework Privilege Escalation Vulnerability -

    Action Due May 04, 2023 Target Vendor : Android

    Description : Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://source.android.com/docs/security/bulletin/2023-03-01; https://nvd.nist.gov/vuln/detail/CVE-2023-20963

    Alert Date: Apr 13, 2023 | 878 days ago

    7.8

    HIGH
    CVE-2023-28252 - Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability -

    Action Due May 02, 2023 Target Vendor : Microsoft

    Description : Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252; https://nvd.nist.gov/vuln/detail/CVE-2023-28252

    Alert Date: Apr 11, 2023 | 880 days ago

    8.8

    HIGH
    CVE-2023-28205 - Apple Multiple Products WebKit Use-After-Free Vulnerability -

    Action Due May 01, 2023 Target Vendor : Apple

    Description : Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.apple.com/en-us/HT213720,https://support.apple.com/en-us/HT213721,https://support.apple.com/en-us/HT213722,https://support.apple.com/en-us/HT213723; https://nvd.nist.gov/vuln/detail/CVE-2023-28205

    Alert Date: Apr 10, 2023 | 881 days ago

    8.6

    HIGH
    CVE-2023-28206 - Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability -

    Action Due May 01, 2023 Target Vendor : Apple

    Description : Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.apple.com/en-us/HT213720, https://support.apple.com/en-us/HT213721; https://nvd.nist.gov/vuln/detail/CVE-2023-28206

    Alert Date: Apr 10, 2023 | 881 days ago

    8.1

    HIGH
    CVE-2021-27876 - Veritas Backup Exec Agent File Access Vulnerability -

    Action Due Apr 28, 2023 Target Vendor : Veritas

    Description : Veritas Backup Exec (BE) Agent contains a file access vulnerability that could allow an attacker to specially craft input parameters on a data management protocol command to access files on the BE Agent machine.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://www.veritas.com/support/en_US/security/VTS21-001; https://nvd.nist.gov/vuln/detail/CVE-2021-27876

    Alert Date: Apr 07, 2023 | 884 days ago

    9.8

    CRITICAL
    CVE-2021-27877 - Veritas Backup Exec Agent Improper Authentication Vulnerability -

    Action Due Apr 28, 2023 Target Vendor : Veritas

    Description : Veritas Backup Exec (BE) Agent contains an improper authentication vulnerability that could allow an attacker unauthorized access to the BE Agent via SHA authentication scheme.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://www.veritas.com/support/en_US/security/VTS21-001; https://nvd.nist.gov/vuln/detail/CVE-2021-27877

    Alert Date: Apr 07, 2023 | 884 days ago

    9.0

    HIGH
    CVE-2021-27878 - Veritas Backup Exec Agent Command Execution Vulnerability -

    Action Due Apr 28, 2023 Target Vendor : Veritas

    Description : Veritas Backup Exec (BE) Agent contains a command execution vulnerability that could allow an attacker to use a data management protocol command to execute a command on the BE Agent machine.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://www.veritas.com/support/en_US/security/VTS21-001; https://nvd.nist.gov/vuln/detail/CVE-2021-27878

    Alert Date: Apr 07, 2023 | 884 days ago

    3.3

    LOW
    CVE-2023-26083 - Arm Mali GPU Kernel Driver Information Disclosure Vulnerability -

    Action Due Apr 28, 2023 Target Vendor : Arm

    Description : Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities; https://nvd.nist.gov/vuln/detail/CVE-2023-26083

    Alert Date: Apr 07, 2023 | 884 days ago

    7.8

    HIGH
    CVE-2019-1388 - Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability -

    Action Due Apr 28, 2023 Target Vendor : Microsoft

    Description : Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1388; https://nvd.nist.gov/vuln/detail/CVE-2019-1388

    Alert Date: Apr 07, 2023 | 884 days ago

    6.1

    MEDIUM
    CVE-2022-27926 - Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability -

    Action Due Apr 24, 2023 Target Vendor : Zimbra

    Description : Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability by allowing an endpoint URL to accept parameters without sanitizing.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://wiki.zimbra.com/wiki/Security_Center; https://nvd.nist.gov/vuln/detail/CVE-2022-27926

    Alert Date: Apr 03, 2023 | 888 days ago

    10.0

    HIGH
    CVE-2017-7494 - Samba Remote Code Execution Vulnerability -

    Action Due Apr 20, 2023 Target Vendor : Samba

    Description : Samba contains a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share and then cause the server to load and execute it.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://www.samba.org/samba/security/CVE-2017-7494.html; https://nvd.nist.gov/vuln/detail/CVE-2017-7494

    Alert Date: Mar 30, 2023 | 892 days ago

    9.8

    CRITICAL
    CVE-2022-42948 - Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability -

    Action Due Apr 20, 2023 Target Vendor : Fortra

    Description : Fortra Cobalt Strike User Interface contains an unspecified vulnerability rooted in Java Swing that may allow remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-2/; https://nvd.nist.gov/vuln/detail/CVE-2022-42948

    Alert Date: Mar 30, 2023 | 892 days ago

    6.1

    MEDIUM
    CVE-2022-39197 - Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability -

    Action Due Apr 20, 2023 Target Vendor : Fortra

    Description : Fortra Cobalt Strike contains a cross-site scripting (XSS) vulnerability in Teamserver that would allow an attacker to set a malformed username in the Beacon configuration, allowing them to execute code remotely.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-1/; https://nvd.nist.gov/vuln/detail/CVE-2022-39197

    Alert Date: Mar 30, 2023 | 892 days ago

    9.3

    HIGH
    CVE-2021-30900 - Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability -

    Action Due Apr 20, 2023 Target Vendor : Apple

    Description : Apple GPU drivers, included in iOS, iPadOS, and macOS, contain an out-of-bounds write vulnerability that may allow a malicious application to execute code with kernel privileges.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://support.apple.com/en-us/HT21286, https://support.apple.com/en-us/HT212868, https://support.apple.com/kb/HT212872; https://nvd.nist.gov/vuln/detail/CVE-2021-30900

    Alert Date: Mar 30, 2023 | 892 days ago

    8.8

    HIGH
    CVE-2022-38181 - Arm Mali GPU Kernel Driver Use-After-Free Vulnerability -

    Action Due Apr 20, 2023 Target Vendor : Arm

    Description : Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities; https://nvd.nist.gov/vuln/detail/CVE-2022-38181

    Alert Date: Mar 30, 2023 | 892 days ago

    7.9

    HIGH
    CVE-2023-0266 - Linux Kernel Use-After-Free Vulnerability -

    Action Due Apr 20, 2023 Target Vendor : Linux

    Description : Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4; https://nvd.nist.gov/vuln/detail/CVE-2023-0266

    Alert Date: Mar 30, 2023 | 892 days ago

    7.8

    HIGH
    CVE-2022-22706 - Arm Mali GPU Kernel Driver Unspecified Vulnerability -

    Action Due Apr 20, 2023 Target Vendor : Arm

    Description : Arm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities; https://nvd.nist.gov/vuln/detail/CVE-2022-22706

    Alert Date: Mar 30, 2023 | 892 days ago
Showing 20 of 1416 Results

Filters