CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    10.0

    HIGH
    CVE-2018-14558 - Tenda AC7, AC9, and AC10 Routers Command Injection Vulnerability -

    Action Due May 03, 2022 Target Vendor : Tenda

    Description :Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-14558

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.8

    CRITICAL
    CVE-2018-20062 - ThinkPHP "noneCms" Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : ThinkPHP

    Description :ThinkPHP "noneCms" contains an unspecified vulnerability that allows for remote code execution through crafted use of the filter parameter.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-20062

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.8

    HIGH
    CVE-2020-1464 - Microsoft Windows Spoofing Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1464

    Alert Date: Nov 03, 2021 | 1632 days ago

    8.8

    HIGH
    CVE-2020-8468 - Trend Micro Multiple Products Content Validation Escape Vulnerability -

    Action Due May 03, 2022 Target Vendor : Trend Micro

    Description :Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8468

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.8

    HIGH
    CVE-2020-24557 - Trend Micro Multiple Products Improper Access Control Vulnerability -

    Action Due May 03, 2022 Target Vendor : Trend Micro

    Description :Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-24557

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.8

    HIGH
    CVE-2021-27102 - Accellion FTA OS Command Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Accellion

    Description :Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27102

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.8

    CRITICAL
    CVE-2021-27101 - Accellion FTA SQL Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Accellion

    Description :Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.html.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27101

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.8

    CRITICAL
    CVE-2021-27103 - Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Accellion

    Description :Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmProgressstat.html.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27103

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.5

    HIGH
    CVE-2019-20085 - TVT NVMS-1000 Directory Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : TVT

    Description :TVT devices utilizing NVMS-1000 software contain a directory traversal vulnerability via GET /.. requests.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-20085

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.8

    HIGH
    CVE-2020-0041 - Android Kernel Out-of-Bounds Write Vulnerability -

    Action Due May 03, 2022 Target Vendor : Android

    Description :Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0069 under exploit chain "AbstractEmu."

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0041

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.8

    HIGH
    CVE-2020-0069 - Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability -

    Action Due May 03, 2022 Target Vendor : MediaTek

    Description :Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0041 under exploit chain "AbstractEmu."

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0069

    Alert Date: Nov 03, 2021 | 1632 days ago

    8.1

    HIGH
    CVE-2017-9805 - Apache Struts Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apache

    Description :Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-9805

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.8

    CRITICAL
    CVE-2021-42013 - Apache HTTP Server Path Traversal Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apache

    Description :Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default require all denied or if CGI scripts are enabled. This CVE ID resolves an incomplete patch for CVE-2021-41773.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-42013

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.8

    CRITICAL
    CVE-2021-41773 - Apache HTTP Server Path Traversal Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apache

    Description :Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default �require all denied� or if CGI scripts are enabled. The original patch issued under this CVE ID is insufficient, please review remediation information under CVE-2021-42013.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-41773

    Alert Date: Nov 03, 2021 | 1632 days ago

    10.0

    HIGH
    CVE-2017-5638 - Apache Struts Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apache

    Description :Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-5638

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.5

    HIGH
    CVE-2019-6223 - Apple iOS and macOS Group Facetime Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apple

    Description :Apple iOS and macOS Group FaceTime contains an unspecified vulnerability where the call initiator can cause the recipient's Apple device to answer unknowingly or without user interaction.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-6223

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.8

    HIGH
    CVE-2021-30860 - Apple Multiple Products Integer Overflow Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously crafted PDF. The vulnerability is also known under the moniker of FORCEDENTRY.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30860

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.8

    HIGH
    CVE-2020-27930 - Apple Multiple Products Memory Corruption Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing maliciously crafted front.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-27930

    Alert Date: Nov 03, 2021 | 1632 days ago

    9.3

    HIGH
    CVE-2021-30807 - Apple Multiple Products Memory Corruption Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, and watchOS IOMobileFrameBuffer contain a memory corruption vulnerability which may allow an application to execute code with kernel privileges.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30807

    Alert Date: Nov 03, 2021 | 1632 days ago

    7.1

    HIGH
    CVE-2020-27950 - Apple Multiple Products Memory Initialization Vulnerability -

    Action Due May 03, 2022 Target Vendor : Apple

    Description :Apple iOS, iPadOS, macOS, and watchOS contain a memory initialization vulnerability that may allow a malicious application to disclose kernel memory.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-27950

    Alert Date: Nov 03, 2021 | 1632 days ago
Showing 20 of 1582 Results

Filters