CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    9.0

    HIGH
    CVE-2021-22894 - Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability -

    Action Due May 03, 2022 Target Vendor : Ivanti

    Description :Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22894

    Alert Date: Nov 03, 2021 | 1634 days ago

    4.9

    MEDIUM
    CVE-2021-20023 - SonicWall Email Security Path Traversal Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SonicWall

    Description :SonicWall Email Security contains a path traversal vulnerability that allows a post-authenticated attacker to read files on the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20022 to achieve privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20023

    Alert Date: Nov 03, 2021 | 1634 days ago

    10.0

    CRITICAL
    CVE-2021-35211 - SolarWinds Serv-U Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SolarWinds

    Description :SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-35211

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.3

    HIGH
    CVE-2017-11882 - Microsoft Office Memory Corruption Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2017-11882

    Alert Date: Nov 03, 2021 | 1634 days ago

    8.8

    HIGH
    CVE-2021-27085 - Microsoft Internet Explorer Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Internet Explorer contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27085

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.8

    CRITICAL
    CVE-2018-13379 - Fortinet FortiOS SSL VPN Path Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : Fortinet

    Description :Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-13379

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.8

    CRITICAL
    CVE-2020-12812 - Fortinet FortiOS SSL VPN Improper Authentication Vulnerability -

    Action Due May 03, 2022 Target Vendor : Fortinet

    Description :Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-12812

    Alert Date: Nov 03, 2021 | 1634 days ago

    6.5

    MEDIUM
    CVE-2019-5591 - Fortinet FortiOS Default Configuration Vulnerability -

    Action Due May 03, 2022 Target Vendor : Fortinet

    Description :Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP) server.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-5591

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.3

    HIGH
    CVE-2015-1641 - Microsoft Office Memory Corruption Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2015-1641

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.3

    HIGH
    CVE-2012-0158 - Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the context of the current user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2012-0158

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.8

    CRITICAL
    CVE-2019-18935 - Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Progress

    Description :Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-18935

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.8

    HIGH
    CVE-2019-0859 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-0859

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.8

    CRITICAL
    CVE-2020-10148 - SolarWinds Orion Authentication Bypass Vulnerability -

    Action Due May 03, 2022 Target Vendor : SolarWinds

    Description :SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-10148

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.6

    HIGH
    CVE-2019-1429 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-1429

    Alert Date: Nov 03, 2021 | 1634 days ago

    7.8

    HIGH
    CVE-2021-1732 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1732

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.8

    CRITICAL
    CVE-2020-2555 - Oracle Multiple Products Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description :Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-2555

    Alert Date: Nov 03, 2021 | 1634 days ago

    8.8

    HIGH
    CVE-2021-33742 - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-33742

    Alert Date: Nov 03, 2021 | 1634 days ago

    6.5

    MEDIUM
    CVE-2020-11652 - SaltStack Salt Path Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : SaltStack

    Description :SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamental internet security guidelines and best practices are not affected by this vulnerability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-11652

    Alert Date: Nov 03, 2021 | 1634 days ago

    9.0

    HIGH
    CVE-2019-15949 - Nagios XI Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Nagios

    Description :Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and insert malicious commands to execute as root.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-15949

    Alert Date: Nov 03, 2021 | 1634 days ago

    8.8

    HIGH
    CVE-2019-17026 - Mozilla Firefox And Thunderbird Type Confusion Vulnerability -

    Action Due May 03, 2022 Target Vendor : Mozilla

    Description :Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-17026

    Alert Date: Nov 03, 2021 | 1634 days ago
Showing 20 of 1587 Results

Filters