CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    7.8

    HIGH
    CVE-2017-12234 - Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Cisco

    Description :There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12234

    Alert Date: Mar 03, 2022 | 1511 days ago

    7.8

    HIGH
    CVE-2015-2387 - Microsoft ATM Font Driver Privilege Escalation Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-2387

    Alert Date: Mar 03, 2022 | 1511 days ago

    10.0

    HIGH
    CVE-2017-12240 - Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Cisco

    Description :The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12240

    Alert Date: Mar 03, 2022 | 1511 days ago

    6.5

    MEDIUM
    CVE-2017-12238 - Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Cisco

    Description :A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-12238

    Alert Date: Mar 03, 2022 | 1511 days ago

    9.3

    HIGH
    CVE-2015-2424 - Microsoft PowerPoint Memory Corruption Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-2424

    Alert Date: Mar 03, 2022 | 1511 days ago

    10.0

    CRITICAL
    CVE-2022-20708 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-20708

    Alert Date: Mar 03, 2022 | 1511 days ago

    10.0

    CRITICAL
    CVE-2022-20703 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-20703

    Alert Date: Mar 03, 2022 | 1511 days ago

    10.0

    CRITICAL
    CVE-2022-20701 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-20701

    Alert Date: Mar 03, 2022 | 1511 days ago

    9.3

    HIGH
    CVE-2012-1535 - Adobe Flash Player Arbitrary Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Adobe

    Description :Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.

    Action :The impacted product is end-of-life and should be disconnected if still in use.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-1535

    Alert Date: Mar 03, 2022 | 1511 days ago

    10.0

    CRITICAL
    CVE-2022-20700 - Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2022-20700

    Alert Date: Mar 03, 2022 | 1511 days ago

    7.8

    HIGH
    CVE-2021-41379 - Microsoft Windows Installer Privilege Escalation Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-41379

    Alert Date: Mar 03, 2022 | 1511 days ago

    9.8

    CRITICAL
    CVE-2020-1938 - Apache Tomcat Improper Privilege Management Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Apache

    Description :Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1938

    Alert Date: Mar 03, 2022 | 1511 days ago

    9.3

    HIGH
    CVE-2019-1297 - Microsoft Excel Remote Code Execution Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Microsoft

    Description :A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1297

    Alert Date: Mar 03, 2022 | 1511 days ago

    7.4

    HIGH
    CVE-2018-8581 - Microsoft Exchange Server Privilege Escalation Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Microsoft

    Description :A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-8581

    Alert Date: Mar 03, 2022 | 1511 days ago

    7.6

    HIGH
    CVE-2018-8298 - ChakraCore Scripting Engine Type Confusion Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : ChakraCore

    Description :The ChakraCore scripting engine contains a type confusion vulnerability which can allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-8298

    Alert Date: Mar 03, 2022 | 1511 days ago

    7.1

    HIGH
    CVE-2018-0180 - Cisco IOS Software Denial-of-Service Vulnerability -

    Action Due Mar 17, 2022 Target Vendor : Cisco

    Description :A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0180

    Alert Date: Mar 03, 2022 | 1511 days ago

    10.0

    HIGH
    CVE-2011-3544 - Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Oracle

    Description :An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2011-3544

    Alert Date: Mar 03, 2022 | 1511 days ago

    9.3

    HIGH
    CVE-2010-0188 - Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Adobe

    Description :Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Mar 03, 2022

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2010-0188

    Alert Date: Mar 03, 2022 | 1511 days ago

    7.8

    HIGH
    CVE-2009-1123 - Microsoft Windows Improper Input Validation Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Microsoft

    Description :The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2009-1123

    Alert Date: Mar 03, 2022 | 1511 days ago

    8.8

    HIGH
    CVE-2008-3431 - Oracle VirtualBox Insufficient Input Validation Vulnerability -

    Action Due Mar 24, 2022 Target Vendor : Oracle

    Description :An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2008-3431

    Alert Date: Mar 03, 2022 | 1511 days ago
Showing 20 of 1581 Results

Filters