CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
9.0
CVE-2017-6744 - Cisco IOS Software SNMP Remote Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Cisco
Description : The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-6744
7.8
CVE-2002-0367 - Microsoft Windows Privilege Escalation Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description : smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2002-0367
10.0
CVE-2016-4117 - Adobe Flash Player Arbitrary Code Execution Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description : An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.
Action : The impacted product is end-of-life and should be disconnected if still in use.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-4117
7.8
CVE-2016-7262 - Microsoft Office Security Feature Bypass Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Microsoft
Description : A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-7262
7.5
CVE-2016-8562 - Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Siemens
Description : An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-8562
7.8
CVE-2018-0159 - Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description : A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-0159
7.1
CVE-2018-0180 - Cisco IOS Software Denial-of-Service Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description : A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-0180
7.6
CVE-2018-8298 - ChakraCore Scripting Engine Type Confusion Vulnerability -
Action Due Mar 17, 2022 Target Vendor : ChakraCore
Description : The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-8298
9.3
CVE-2019-1297 - Microsoft Excel Remote Code Execution Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Microsoft
Description : A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-1297
9.8
CVE-2019-16928 - Exim Out-of-bounds Write Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Exim
Description : Exim contains an out-of-bounds write vulnerability which can allow for remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2019-16928
10.0
CVE-2022-20708 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -
Action Due Mar 17, 2022 Target Vendor : Cisco
Description : A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-20708
9.3
CVE-2013-0640 - Adobe Reader and Acrobat Memory Corruption Vulnerability -
Action Due Mar 24, 2022 Target Vendor : Adobe
Description : An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2013-0640
6.1
CVE-2022-24682 - Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability -
Action Due Mar 11, 2022 Target Vendor : Synacor
Description : Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability in the Calendar feature that allows an attacker to execute arbitrary code.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 25, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-24682
9.3
CVE-2017-8570 - Microsoft Office Remote Code Execution Vulnerability -
Action Due Aug 25, 2022 Target Vendor : Microsoft
Description : A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-8570
8.8
CVE-2017-0222 - Microsoft Internet Explorer Remote Code Execution Vulnerability -
Action Due Aug 25, 2022 Target Vendor : Microsoft
Description : A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2017-0222
9.3
CVE-2014-6352 - Microsoft Windows Code Injection Vulnerability -
Action Due Aug 25, 2022 Target Vendor : Microsoft
Description : Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2014-6352
9.8
CVE-2022-23131 - Zabbix Frontend Authentication Bypass Vulnerability -
Action Due Mar 08, 2022 Target Vendor : Zabbix
Description : Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-23131
5.3
CVE-2022-23134 - Zabbix Frontend Improper Access Control Vulnerability -
Action Due Mar 08, 2022 Target Vendor : Zabbix
Description : Malicious actors can pass step checks and potentially change the configuration of Zabbix Frontend.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-23134
10.0
CVE-2022-24086 - Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability -
Action Due Mar 01, 2022 Target Vendor : Adobe
Description : Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes : https://nvd.nist.gov/vuln/detail/CVE-2022-24086
7.6
CVE-2018-8174 - Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability -
Action Due Aug 15, 2022 Target Vendor : Microsoft
Description : A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"
Action : Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Feb 15, 2022
Notes : https://nvd.nist.gov/vuln/detail/CVE-2018-8174