CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
7.8
CVE-2016-0099 - Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0099
10.0
CVE-2016-1019 - Adobe Flash Player Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Adobe Flash Player allows remote attackers to cause a denial of service or possibly execute arbitrary code.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-1019
10.0
CVE-2016-4117 - Adobe Flash Player Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-4117
7.2
CVE-2016-5195 - Linux Kernel Race Condition Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Linux
Description :Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-5195
9.3
CVE-2016-7193 - Microsoft Office Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-7193
7.8
CVE-2016-7262 - Microsoft Office Security Feature Bypass Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-7262
7.5
CVE-2016-8562 - Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Siemens
Description :An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-8562
7.8
CVE-2017-0001 - Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-0001
9.3
CVE-2017-0261 - Microsoft Office Use-After-Free Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :Microsoft Office contains a use-after-free vulnerability which can allow for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-0261
8.8
CVE-2017-11292 - Adobe Flash Player Type Confusion Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description :Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution.
Action :The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-11292
9.3
CVE-2017-11826 - Microsoft Office Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description :A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-11826
7.8
CVE-2017-12231 - Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12231
6.5
CVE-2017-12232 - Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12232
7.8
CVE-2017-12233 - Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12233
6.5
CVE-2017-6663 - Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6663
9.0
CVE-2017-6736 - Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6736
9.0
CVE-2017-6737 - Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6737
9.0
CVE-2017-6738 - Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6738
9.0
CVE-2017-6739 - Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6739
9.0
CVE-2017-6740 - Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description :The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-6740