CISA Known Exploited Vulnerabilities (KEV)

CVE-2021-38163 - SAP NetWeaver Unrestricted File Upload Vulnerability -

Action Due Jun 30, 2022 Target Vendor : SAP

Description : SAP NetWeaver contains a vulnerability that allows unrestricted file upload.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-38163

CVE-2016-2386 - SAP NetWeaver SQL Injection Vulnerability -

Action Due Jun 30, 2022 Target Vendor : SAP

Description : SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-2386

CVE-2016-2388 - SAP NetWeaver Information Disclosure Vulnerability -

Action Due Jun 30, 2022 Target Vendor : SAP

Description : The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-2388

CVE-2019-7194 - QNAP Photo Station Path Traversal Vulnerability -

Action Due Jun 22, 2022 Target Vendor : QNAP

Description : QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-7194

CVE-2019-7193 - QNAP QTS Improper Input Validation Vulnerability -

Action Due Jun 22, 2022 Target Vendor : QNAP

Description : QNAP QTS contains an improper input validation vulnerability allowing remote attackers to inject code on the system.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Known

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-7193

CVE-2019-15271 - Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Cisco

Description : A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-15271

CVE-2018-6065 - Google Chromium V8 Integer Overflow Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Google

Description : Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-6065

CVE-2018-4990 - Adobe Acrobat and Reader Double Free Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Adobe

Description : Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-4990

CVE-2018-17480 - Google Chromium V8 Out-of-Bounds Write Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Google

Description : Google Chromium V8 Engine contains out-of-bounds write vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-17480

CVE-2018-17463 - Google Chromium V8 Remote Code Execution Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Google

Description : Google Chromium V8 Engine contains an unspecified vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-17463

CVE-2017-6862 - NETGEAR Multiple Devices Buffer Overflow Vulnerability -

Action Due Jun 22, 2022 Target Vendor : NETGEAR

Description : Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-6862

CVE-2017-5070 - Google Chromium V8 Type Confusion Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Google

Description : Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-5070

CVE-2017-5030 - Google Chromium V8 Memory Corruption Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Google

Description : Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-5030

CVE-2016-5198 - Google Chromium V8 Out-of-Bounds Memory Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Google

Description : Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to perform read/write operations, leading to code execution, via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-5198

CVE-2013-1331 - Microsoft Office Buffer Overflow Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Microsoft

Description : Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via crafted PNG data in an Office document.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-1331

CVE-2012-5054 - Adobe Flash Player Integer Overflow Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Adobe

Description : Adobe Flash Player contains an integer overflow vulnerability that allows remote attackers to execute code via malformed arguments.

Action : The impacted product is end-of-life and should be disconnected if still in use.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2012-5054

CVE-2012-4969 - Microsoft Internet Explorer Use-After-Free Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Microsoft

Description : Microsoft Internet Explorer contains a use-after-free vulnerability that allows remote attackers to execute code via a crafted web site.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2012-4969

CVE-2012-1889 - Microsoft XML Core Services Memory Corruption Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Microsoft

Description : Microsoft XML Core Services contains a memory corruption vulnerability which could allow for remote code execution.

Action : Apply updates per vendor instructions.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2012-1889

CVE-2012-0767 - Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Adobe

Description : Adobe Flash Player contains a XSS vulnerability that allows remote attackers to inject web script or HTML.

Action : The impacted product is end-of-life and should be disconnected if still in use.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2012-0767

CVE-2012-0754 - Adobe Flash Player Memory Corruption Vulnerability -

Action Due Jun 22, 2022 Target Vendor : Adobe

Description : Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

Action : The impacted product is end-of-life and should be disconnected if still in use.

Known To Be Used in Ransomware Campaigns? : Unknown

Notes : https://nvd.nist.gov/vuln/detail/CVE-2012-0754