CISA Known Exploited Vulnerabilities (KEV)
CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.
10.0
CVE-2021-22502 - Micro Focus Operation Bridge Report (OBR) Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Micro Focus
Description :Micro Focus Operation Bridge Report (OBR) contains an unspecified vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22502
9.8
CVE-2021-38647 - Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerability allowing remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-38647
7.8
CVE-2016-0167 - Microsoft Win32k Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0167
7.5
CVE-2020-0878 - Microsoft Edge and Internet Explorer Memory Corruption Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0878
5.5
CVE-2021-31955 - Microsoft Windows Kernel Information Disclosure Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31955
7.8
CVE-2021-1647 - Microsoft Defender Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1647
9.3
CVE-2016-0185 - Microsoft Windows Media Center Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0185
7.8
CVE-2020-0683 - Microsoft Windows Installer Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0683
7.8
CVE-2020-17087 - Microsoft Windows Kernel Privilege Escalation Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17087
8.8
CVE-2021-33742 - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33742
9.3
CVE-2015-1641 - Microsoft Office Memory Corruption Vulnerability -
Action Due May 03, 2022 Target Vendor : Microsoft
Description :Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1641
9.8
CVE-2021-40539 - Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Zoho
Description :Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which allow for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-40539
10.0
CVE-2021-27561 - Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Yealink
Description :Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27561
7.8
CVE-2021-31979 - Microsoft Windows Kernel Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31979
7.8
CVE-2021-31201 - Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31201
9.3
CVE-2021-31956 - Microsoft Windows NTFS Privilege Escalation Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Microsoft
Description :Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31956
9.8
CVE-2020-15505 - Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability -
Action Due May 03, 2022 Target Vendor : Ivanti
Description :Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-15505
5.5
CVE-2021-30657 - Apple macOS Unspecified Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apple
Description :Apple macOS contains an unspecified logic issue in System Preferences that may allow a malicious application to bypass Gatekeeper checks.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30657
9.8
CVE-2021-41773 - Apache HTTP Server Path Traversal Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apache
Description :Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default �require all denied� or if CGI scripts are enabled. The original patch issued under this CVE ID is insufficient, please review remediation information under CVE-2021-42013.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-41773
7.8
CVE-2021-30713 - Apple macOS Unspecified Vulnerability -
Action Due Nov 17, 2021 Target Vendor : Apple
Description :Apple macOS Transparency, Consent, and Control (TCC) contains an unspecified permissions issue which may allow a malicious application to bypass privacy preferences.
Action :Apply updates per vendor instructions.
Known To Be Used in Ransomware Campaigns? : Unknown
Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30713