CISA Known Exploited Vulnerabilities (KEV)
7.8
CVE-2022-22960 - VMware Multiple Products Privilege Escalation Vulnerability -
Action Due May 06, 2022 Target Vendor : VMware
Description : VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-22960
10.0
CVE-2022-22954 - VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability -
Action Due May 05, 2022 Target Vendor : VMware
Description : VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-22954
9.8
CVE-2018-7602 - Drupal Core Remote Code Execution Vulnerability -
Action Due May 04, 2022 Target Vendor : Drupal
Description : A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-7602
9.8
CVE-2018-20753 - Kaseya VSA Remote Code Execution Vulnerability -
Action Due May 04, 2022 Target Vendor : Kaseya
Description : Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-20753
10.0
CVE-2015-5122 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description : Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-5122
10.0
CVE-2015-3113 - Adobe Flash Player Heap-Based Buffer Overflow Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description : Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-3113
9.3
CVE-2015-2502 - Microsoft Internet Explorer Memory Corruption Vulnerability -
Action Due May 04, 2022 Target Vendor : Microsoft
Description : Microsoft Internet Explorer contains a memory corruption vulnerability that allows an attacker to execute code or cause a denial-of-service (DoS).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-2502
10.0
CVE-2015-0313 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description : Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-0313
10.0
CVE-2015-0311 - Adobe Flash Player Remote Code Execution Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description : Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-0311
10.0
CVE-2014-9163 - Adobe Flash Player Stack-Based Buffer Overflow Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description : Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2014-9163
7.8
CVE-2022-24521 - Microsoft Windows CLFS Driver Privilege Escalation Vulnerability -
Action Due May 04, 2022 Target Vendor : Microsoft
Description : Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-24521
10.0
CVE-2015-5123 - Adobe Flash Player Use-After-Free Vulnerability -
Action Due May 04, 2022 Target Vendor : Adobe
Description : Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2015-5123
9.0
CVE-2022-23176 - WatchGuard Firebox and XTM Privilege Escalation Vulnerability -
Action Due May 02, 2022 Target Vendor : WatchGuard
Description : WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-23176
8.8
CVE-2021-42287 - Microsoft Active Directory Domain Services Privilege Escalation Vulnerability -
Action Due May 02, 2022 Target Vendor : Microsoft
Description : Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-42287
7.5
CVE-2021-42278 - Microsoft Active Directory Domain Services Privilege Escalation Vulnerability -
Action Due May 02, 2022 Target Vendor : Microsoft
Description : Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-42278
7.8
CVE-2021-39793 - Google Pixel Out-of-Bounds Write Vulnerability -
Action Due May 02, 2022 Target Vendor : Google
Description : Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-39793
9.8
CVE-2021-27852 - Checkbox Survey Deserialization of Untrusted Data Vulnerability -
Action Due May 02, 2022 Target Vendor : Checkbox
Description : Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.
Action : Versions 6 and earlier for this product are end-of-life and must be removed from agency networks. Versions 7 and later are not considered vulnerable.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-27852
7.2
CVE-2021-22600 - Linux Kernel Privilege Escalation Vulnerability -
Action Due May 02, 2022 Target Vendor : Linux
Description : Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service (DoS) or possibly for privilege escalation.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-22600
9.8
CVE-2020-2509 - QNAP Network-Attached Storage (NAS) Command Injection Vulnerability -
Action Due May 02, 2022 Target Vendor : QNAP
Description : QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-2509
9.8
CVE-2017-11317 - Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability -
Action Due May 02, 2022 Target Vendor : Telerik
Description : Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-11317