CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    9.8

    CRITICAL
    CVE-2021-1498 - Cisco HyperFlex HX Data Platform Command Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Cisco

    Description :Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-1498

    Alert Date: Nov 03, 2021 | 1635 days ago

    10.0

    HIGH
    CVE-2018-0171 - Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-0171

    Alert Date: Nov 03, 2021 | 1635 days ago

    8.8

    HIGH
    CVE-2020-3118 - Cisco IOS XR Software Discovery Protocol Format String Vulnerability -

    Action Due May 03, 2022 Target Vendor : Cisco

    Description :Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-3118

    Alert Date: Nov 03, 2021 | 1635 days ago

    5.5

    MEDIUM
    CVE-2016-3718 - ImageMagick Server-Side Request Forgery (SSRF) Vulnerability -

    Action Due May 03, 2022 Target Vendor : ImageMagick

    Description :ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) via a crafted image.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3718

    Alert Date: Nov 03, 2021 | 1635 days ago

    9.0

    HIGH
    CVE-2020-14883 - Oracle WebLogic Server Unspecified Vulnerability -

    Action Due May 03, 2022 Target Vendor : Oracle

    Description :Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentilaity, integrity, and availability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-14883

    Alert Date: Nov 03, 2021 | 1635 days ago

    5.5

    MEDIUM
    CVE-2021-31955 - Microsoft Windows Kernel Information Disclosure Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31955

    Alert Date: Nov 03, 2021 | 1635 days ago

    7.8

    HIGH
    CVE-2020-0683 - Microsoft Windows Installer Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0683

    Alert Date: Nov 03, 2021 | 1635 days ago

    7.8

    HIGH
    CVE-2020-0938 - Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0938

    Alert Date: Nov 03, 2021 | 1635 days ago

    7.8

    HIGH
    CVE-2020-0986 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-0986

    Alert Date: Nov 03, 2021 | 1635 days ago

    9.8

    CRITICAL
    CVE-2021-34523 - Microsoft Exchange Server Privilege Escalation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-34523

    Alert Date: Nov 03, 2021 | 1635 days ago

    8.8

    HIGH
    CVE-2021-21220 - Google Chromium V8 Improper Input Validation Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium V8 Engine contains an improper input validation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21220

    Alert Date: Nov 03, 2021 | 1635 days ago

    9.1

    CRITICAL
    CVE-2020-4428 - IBM Data Risk Manager Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : IBM

    Description :IBM Data Risk Manager contains an unspecified vulnerability which could allow a remote, authenticated attacker to execute commands on the system.�

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-4428

    Alert Date: Nov 03, 2021 | 1635 days ago

    10.0

    CRITICAL
    CVE-2019-4716 - IBM Planning Analytics Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : IBM

    Description :IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-4716

    Alert Date: Nov 03, 2021 | 1635 days ago

    5.8

    MEDIUM
    CVE-2016-3715 - ImageMagick Arbitrary File Deletion Vulnerability -

    Action Due May 03, 2022 Target Vendor : ImageMagick

    Description :ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-3715

    Alert Date: Nov 03, 2021 | 1635 days ago

    6.6

    MEDIUM
    CVE-2021-31207 - Microsoft Exchange Server Security Feature Bypass Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Exchange Server contains an unspecified vulnerability that allows for security feature bypass.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-31207

    Alert Date: Nov 03, 2021 | 1635 days ago

    7.2

    HIGH
    CVE-2021-22900 - Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability -

    Action Due May 03, 2022 Target Vendor : Ivanti

    Description :Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2021-22900

    Alert Date: Nov 03, 2021 | 1635 days ago

    9.8

    CRITICAL
    CVE-2020-26919 - Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability -

    Action Due May 03, 2022 Target Vendor : NETGEAR

    Description :Netgear JGS516PE devices contain a missing function level access control vulnerability.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-26919

    Alert Date: Nov 03, 2021 | 1635 days ago

    9.3

    HIGH
    CVE-2021-34448 - Microsoft Windows Scripting Engine Memory Corruption Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows Scripting Engine contains an unspecified vulnerability that allows for memory corruption.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-34448

    Alert Date: Nov 03, 2021 | 1635 days ago

    7.5

    HIGH
    CVE-2021-36942 - Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-36942

    Alert Date: Nov 03, 2021 | 1635 days ago

    10.0

    CRITICAL
    CVE-2021-35211 - SolarWinds Serv-U Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SolarWinds

    Description :SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-35211

    Alert Date: Nov 03, 2021 | 1635 days ago
Showing 20 of 1587 Results

Filters