CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.Y

    5.8

    MEDIUM
    CVE-2016-3715 - ImageMagick Arbitrary File Deletion Vulnerability -

    Action Due May 03, 2022 Target Vendor : ImageMagick

    Description : ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-3715

    Alert Date: Nov 03, 2021 | 1458 days ago

    7.8

    HIGH
    CVE-2021-31979 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-31979

    Alert Date: Nov 03, 2021 | 1458 days ago

    9.8

    CRITICAL
    CVE-2020-15505 - Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Ivanti

    Description : Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-15505

    Alert Date: Nov 03, 2021 | 1458 days ago

    10.0

    CRITICAL
    CVE-2021-30116 - Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Kaseya

    Description : Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-30116

    Alert Date: Nov 03, 2021 | 1458 days ago

    9.8

    CRITICAL
    CVE-2020-7961 - Liferay Portal Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Liferay

    Description : Liferay Portal contains a deserialization of untrusted data vulnerability that allows remote attackers to execute code via JSON web services.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-7961

    Alert Date: Nov 03, 2021 | 1458 days ago

    8.2

    HIGH
    CVE-2021-23874 - McAfee Total Protection (MTP) Improper Privilege Management Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : McAfee

    Description : McAfee Total Protection (MTP) contains an improper privilege management vulnerability that allows a local user to gain elevated privileges and execute code, bypassing MTP self-defense.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-23874

    Alert Date: Nov 03, 2021 | 1458 days ago

    7.5

    HIGH
    CVE-2021-22506 - Micro Focus Access Manager Information Leakage Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Micro Focus

    Description : Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-22506

    Alert Date: Nov 03, 2021 | 1458 days ago

    10.0

    HIGH
    CVE-2021-22502 - Micro Focus Operation Bridge Report (OBR) Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Micro Focus

    Description : Micro Focus Operation Bridge Report (OBR) contains an unspecified vulnerability that allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-22502

    Alert Date: Nov 03, 2021 | 1458 days ago

    9.8

    CRITICAL
    CVE-2021-38647 - Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-38647

    Alert Date: Nov 03, 2021 | 1458 days ago

    7.8

    HIGH
    CVE-2016-0167 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-0167

    Alert Date: Nov 03, 2021 | 1458 days ago

    7.5

    HIGH
    CVE-2020-0878 - Microsoft Edge and Internet Explorer Memory Corruption Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-0878

    Alert Date: Nov 03, 2021 | 1458 days ago

    5.5

    MEDIUM
    CVE-2021-31955 - Microsoft Windows Kernel Information Disclosure Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-31955

    Alert Date: Nov 03, 2021 | 1458 days ago

    7.8

    HIGH
    CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-1647

    Alert Date: Nov 03, 2021 | 1458 days ago

    8.4

    HIGH
    CVE-2021-33739 - Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-33739

    Alert Date: Nov 03, 2021 | 1458 days ago

    9.3

    HIGH
    CVE-2016-0185 - Microsoft Windows Media Center Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2016-0185

    Alert Date: Nov 03, 2021 | 1458 days ago

    7.8

    HIGH
    CVE-2020-0683 - Microsoft Windows Installer Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-0683

    Alert Date: Nov 03, 2021 | 1458 days ago

    7.8

    HIGH
    CVE-2020-17087 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description : Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2020-17087

    Alert Date: Nov 03, 2021 | 1458 days ago

    7.8

    HIGH
    CVE-2021-33771 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-33771

    Alert Date: Nov 03, 2021 | 1458 days ago

    9.3

    HIGH
    CVE-2021-31956 - Microsoft Windows NTFS Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-31956

    Alert Date: Nov 03, 2021 | 1458 days ago

    7.8

    HIGH
    CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description : Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.

    Action : Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes : https://nvd.nist.gov/vuln/detail/CVE-2021-31201

    Alert Date: Nov 03, 2021 | 1458 days ago
Showing 20 of 1457 Results

Filters