CISA Known Exploited Vulnerabilities (KEV)

  1. Home
  2. CISA KEV
Threat Intelligence

CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilities actively used in real-world attacks. CVEFeed.io tracks the latest additions so you can prioritize remediation as new entries are published.

    8.8

    HIGH
    CVE-2021-27085 - Microsoft Internet Explorer Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Internet Explorer contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-27085

    Alert Date: Nov 03, 2021 | 1637 days ago

    10.0

    HIGH
    CVE-2021-22502 - Micro Focus Operation Bridge Report (OBR) Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Micro Focus

    Description :Micro Focus Operation Bridge Report (OBR) contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22502

    Alert Date: Nov 03, 2021 | 1637 days ago

    9.8

    CRITICAL
    CVE-2018-13379 - Fortinet FortiOS SSL VPN Path Traversal Vulnerability -

    Action Due May 03, 2022 Target Vendor : Fortinet

    Description :Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-13379

    Alert Date: Nov 03, 2021 | 1637 days ago

    9.8

    CRITICAL
    CVE-2021-20016 - SonicWall SSLVPN SMA100 SQL Injection Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SonicWall

    Description :SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-20016

    Alert Date: Nov 03, 2021 | 1637 days ago

    7.5

    HIGH
    CVE-2021-22506 - Micro Focus Access Manager Information Leakage Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Micro Focus

    Description :Micro Focus Access Manager contains an information leakage vulnerability resulting from a SAML service provider redirection issue when the Assertion Consumer Service URL is used.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-22506

    Alert Date: Nov 03, 2021 | 1637 days ago

    7.8

    HIGH
    CVE-2020-1464 - Microsoft Windows Spoofing Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-1464

    Alert Date: Nov 03, 2021 | 1637 days ago

    8.8

    HIGH
    CVE-2021-21206 - Google Chromium Blink Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21206

    Alert Date: Nov 03, 2021 | 1637 days ago

    8.8

    HIGH
    CVE-2021-30554 - Google Chromium WebGL Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium WebGL contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-30554

    Alert Date: Nov 03, 2021 | 1637 days ago

    10.0

    HIGH
    CVE-2021-34473 - Microsoft Exchange Server Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Microsoft

    Description :Microsoft Exchange Server contains an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-34473

    Alert Date: Nov 03, 2021 | 1637 days ago

    7.8

    HIGH
    CVE-2020-17087 - Microsoft Windows Kernel Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-17087

    Alert Date: Nov 03, 2021 | 1637 days ago

    9.6

    CRITICAL
    CVE-2021-37973 - Google Chromium Portals Use-After-Free Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-37973

    Alert Date: Nov 03, 2021 | 1637 days ago

    7.8

    HIGH
    CVE-2016-0167 - Microsoft Win32k Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Microsoft

    Description :Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2016-0167

    Alert Date: Nov 03, 2021 | 1637 days ago

    8.8

    HIGH
    CVE-2021-21166 - Google Chromium Race Condition Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : Google

    Description :Google Chromium contains a race condition vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-21166

    Alert Date: Nov 03, 2021 | 1637 days ago

    10.0

    CRITICAL
    CVE-2021-35211 - SolarWinds Serv-U Remote Code Execution Vulnerability -

    Action Due Nov 17, 2021 Target Vendor : SolarWinds

    Description :SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2021-35211

    Alert Date: Nov 03, 2021 | 1637 days ago

    9.8

    CRITICAL
    CVE-2020-12812 - Fortinet FortiOS SSL VPN Improper Authentication Vulnerability -

    Action Due May 03, 2022 Target Vendor : Fortinet

    Description :Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-12812

    Alert Date: Nov 03, 2021 | 1637 days ago

    7.2

    HIGH
    CVE-2020-8243 - Ivanti Pulse Connect Secure Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Ivanti

    Description :Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :Reference CISA's ED 21-03 (https://www.cisa.gov/news-events/directives/ed-21-03-mitigate-pulse-connect-secure-product-vulnerabilities) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-03. https://nvd.nist.gov/vuln/detail/CVE-2020-8243

    Alert Date: Nov 03, 2021 | 1637 days ago

    9.8

    CRITICAL
    CVE-2019-18935 - Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability -

    Action Due May 03, 2022 Target Vendor : Progress

    Description :Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe process.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-18935

    Alert Date: Nov 03, 2021 | 1637 days ago

    9.8

    CRITICAL
    CVE-2018-7600 - Drupal Core Remote Code Execution Vulnerability -

    Action Due May 03, 2022 Target Vendor : Drupal

    Description :Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Known Detected Nov 03, 2021

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2018-7600

    Alert Date: Nov 03, 2021 | 1637 days ago

    10.0

    HIGH
    CVE-2020-8515 - Multiple DrayTek Vigor Routers Web Management Page Vulnerability -

    Action Due May 03, 2022 Target Vendor : DrayTek

    Description :DrayTek Vigor3900, Vigor2960, and Vigor300B routers contain an unspecified vulnerability that allows for remote code execution.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2020-8515

    Alert Date: Nov 03, 2021 | 1637 days ago

    9.3

    HIGH
    CVE-2019-15752 - Docker Desktop Community Edition Privilege Escalation Vulnerability -

    Action Due May 03, 2022 Target Vendor : Docker

    Description :Docker Desktop Community Edition contains a vulnerability that may allow local users to escalate privileges by placing a trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\.

    Action :Apply updates per vendor instructions.

    Known To Be Used in Ransomware Campaigns? : Unknown

    Notes :https://nvd.nist.gov/vuln/detail/CVE-2019-15752

    Alert Date: Nov 03, 2021 | 1637 days ago
Showing 20 of 1587 Results

Filters