CISA Known Exploited Vulnerabilities

This dashboard displays the latest vulnerabilities published by the Cybersecurity & Infrastructure Security Agency (CISA).

CVE-2021-36934

Microsoft Windows SAM Local Privilege Escalation Vulnerability

Vendor: Microsoft

Product: Windows

Added: 2022-02-10

Due Date: 2022-02-24

Description:

If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file, which would allow any user to escalate privileges to SYSTEM level.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-1220

CVE-2020-0796

Ransomware

Microsoft SMBv3 Remote Code Execution Vulnerability

Vendor: Microsoft

Product: SMBv3

Added: 2022-02-10

Due Date: 2022-08-10

Description:

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-119

CVE-2018-1000861

Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability

Vendor: Jenkins

Product: Jenkins Stapler Web Framework

Added: 2022-02-10

Due Date: 2022-08-10

Description:

A code execution vulnerability exists in the Stapler web framework used by Jenkins.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-502

CVE-2017-9791

Apache Struts 1 Improper Input Validation Vulnerability

Vendor: Apache

Product: Struts 1

Added: 2022-02-10

Due Date: 2022-08-10

Description:

The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-20

CVE-2017-8464

Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability

Vendor: Microsoft

Product: Windows

Added: 2022-02-10

Due Date: 2022-08-10

Description:

Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file.

Required Action:

Apply updates per vendor instructions.

CVE-2017-10271

Ransomware

Oracle Corporation WebLogic Server Remote Code Execution Vulnerability

Vendor: Oracle

Product: WebLogic Server

Added: 2022-02-10

Due Date: 2022-08-10

Description:

Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.

Required Action:

Apply updates per vendor instructions.

CVE-2017-0263

Microsoft Win32k Privilege Escalation Vulnerability

Vendor: Microsoft

Product: Win32k

Added: 2022-02-10

Due Date: 2022-08-10

Description:

Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-416

CVE-2017-0262

Microsoft Office Remote Code Execution Vulnerability

Vendor: Microsoft

Product: Office

Added: 2022-02-10

Due Date: 2022-08-10

Description:

A remote code execution vulnerability exists in Microsoft Office.

Required Action:

Apply updates per vendor instructions.

CVE-2017-0145

Ransomware

Microsoft SMBv1 Remote Code Execution Vulnerability

Vendor: Microsoft

Product: SMBv1

Added: 2022-02-10

Due Date: 2022-08-10

Description:

The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-20

CVE-2017-0144

Ransomware

Microsoft SMBv1 Remote Code Execution Vulnerability

Vendor: Microsoft

Product: SMBv1

Added: 2022-02-10

Due Date: 2022-08-10

Description:

The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-20

CVE-2016-3088

Apache ActiveMQ Improper Input Validation Vulnerability

Vendor: Apache

Product: ActiveMQ

Added: 2022-02-10

Due Date: 2022-08-10

Description:

The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-20

CVE-2015-2051

D-Link DIR-645 Router Remote Code Execution Vulnerability

Vendor: D-Link

Product: DIR-645 Router

Added: 2022-02-10

Due Date: 2022-08-10

Description:

D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.

Required Action:

The impacted product is end-of-life and should be disconnected if still in use.

CWEs:

CWE-77

CVE-2015-1635

Microsoft HTTP.sys Remote Code Execution Vulnerability

Vendor: Microsoft

Product: HTTP.sys

Added: 2022-02-10

Due Date: 2022-08-10

Description:

Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability that allows for remote code execution.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-94

CVE-2015-1130

Apple OS X Authentication Bypass Vulnerability

Vendor: Apple

Product: OS X

Added: 2022-02-10

Due Date: 2022-08-10

Description:

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-254

CVE-2014-4404

Apple OS X Heap-Based Buffer Overflow Vulnerability

Vendor: Apple

Product: OS X

Added: 2022-02-10

Due Date: 2022-08-10

Description:

Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-119