CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    7.8

    HIGH
    CVE-2020-0938 - Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0938

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.8

    HIGH
    CVE-2020-0986 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0986

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.8

    CRITICAL
    CVE-2021-34523 - Microsoft Exchange Server Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-34523

    Alert Date: Nov 03, 2021 | 1634 days ago

    8.8

    HIGH
    CVE-2021-21220 - Google Chromium V8 Improper Input Validation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21220

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.1

    CRITICAL
    CVE-2020-4428 - IBM Data Risk Manager Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : IBM

    Description :IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.�

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4428

    Alert Date: Nov 03, 2021 | 1634 days ago

    10.0

    CRITICAL
    CVE-2019-4716 - IBM Planning Analytics Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : IBM

    Description :IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-4716

    Alert Date: Nov 03, 2021 | 1634 days ago

    5.8

    MEDIUM
    CVE-2016-3715 - ImageMagick Arbitrary File Deletion Vulnerability -

    Action Due May 03, 2022 Target Vendor : ImageMagick

    Description :ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3715

    Alert Date: Nov 03, 2021 | 1634 days ago

    6.6

    MEDIUM
    CVE-2021-31207 - Microsoft Exchange Server Security Feature Bypass Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Exchange Server contains an unspecified vulnerability that allows for security feature bypass.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31207

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.8

    HIGH
    CVE-2019-0803 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0803

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.8

    CRITICAL
    CVE-2018-6789 - Exim Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : Exim

    Description :Exim contains a buffer overflow vulnerability in the base64d function part of the SMTP listener that may allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-6789

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.8

    HIGH
    CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1647

    Alert Date: Nov 03, 2021 | 1634 days ago

    8.4

    HIGH
    CVE-2021-33739 - Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33739

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.3

    HIGH
    CVE-2016-0185 - Microsoft Windows Media Center Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0185

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.8

    HIGH
    CVE-2021-33771 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33771

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.3

    HIGH
    CVE-2021-31956 - Microsoft Windows NTFS Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31956

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.8

    HIGH
    CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31201

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.8

    HIGH
    CVE-2021-31979 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31979

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.0

    HIGH
    CVE-2021-34527 - Microsoft Windows Print Spooler Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploitation allows an attacker to perform remote code execution with SYSTEM privileges. The vulnerability is also known under the moniker of PrintNightmare.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :Reference CISA's ED 21-04 (https://www.cisa.gov/news-events/directives/ed-21-04-mitigate-windows-print-spooler-service-vulnerability) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-04. https://nvd.nist.gov/vuln/detail/CVE-2021-34527

    Alert Date: Nov 03, 2021 | 1634 days ago

    8.8

    HIGH
    CVE-2020-1020 - Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1020

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.8

    HIGH
    CVE-2021-38645 - Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-38645

    Alert Date: Nov 03, 2021 | 1634 days ago
Showing 20 of 1587 Results

Filters