CISA Known Exploited Vulnerabilities

This dashboard displays the latest vulnerabilities published by the Cybersecurity & Infrastructure Security Agency (CISA).

CVE-2017-10271

Ransomware

Oracle Corporation WebLogic Server Remote Code Execution Vulnerability

Vendor: Oracle

Product: WebLogic Server

Added: 2022-02-10

Due Date: 2022-08-10

Description:

Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.

Required Action:

Apply updates per vendor instructions.

CVE-2017-0263

Microsoft Win32k Privilege Escalation Vulnerability

Vendor: Microsoft

Product: Win32k

Added: 2022-02-10

Due Date: 2022-08-10

Description:

Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-416

CVE-2017-0262

Microsoft Office Remote Code Execution Vulnerability

Vendor: Microsoft

Product: Office

Added: 2022-02-10

Due Date: 2022-08-10

Description:

A remote code execution vulnerability exists in Microsoft Office.

Required Action:

Apply updates per vendor instructions.

CVE-2017-0145

Ransomware

Microsoft SMBv1 Remote Code Execution Vulnerability

Vendor: Microsoft

Product: SMBv1

Added: 2022-02-10

Due Date: 2022-08-10

Description:

The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-20

CVE-2017-0144

Ransomware

Microsoft SMBv1 Remote Code Execution Vulnerability

Vendor: Microsoft

Product: SMBv1

Added: 2022-02-10

Due Date: 2022-08-10

Description:

The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-20

CVE-2016-3088

Apache ActiveMQ Improper Input Validation Vulnerability

Vendor: Apache

Product: ActiveMQ

Added: 2022-02-10

Due Date: 2022-08-10

Description:

The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-20

CVE-2015-2051

D-Link DIR-645 Router Remote Code Execution Vulnerability

Vendor: D-Link

Product: DIR-645 Router

Added: 2022-02-10

Due Date: 2022-08-10

Description:

D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.

Required Action:

The impacted product is end-of-life and should be disconnected if still in use.

CWEs:

CWE-77

CVE-2015-1635

Microsoft HTTP.sys Remote Code Execution Vulnerability

Vendor: Microsoft

Product: HTTP.sys

Added: 2022-02-10

Due Date: 2022-08-10

Description:

Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability that allows for remote code execution.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-94

CVE-2015-1130

Apple OS X Authentication Bypass Vulnerability

Vendor: Apple

Product: OS X

Added: 2022-02-10

Due Date: 2022-08-10

Description:

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-254

CVE-2014-4404

Apple OS X Heap-Based Buffer Overflow Vulnerability

Vendor: Apple

Product: OS X

Added: 2022-02-10

Due Date: 2022-08-10

Description:

Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-119

CVE-2022-21882

Microsoft Win32k Privilege Escalation Vulnerability

Vendor: Microsoft

Product: Win32k

Added: 2022-02-04

Due Date: 2022-02-18

Description:

Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-787

CVE-2022-22587

Apple Memory Corruption Vulnerability

Vendor: Apple

Product: iOS and macOS

Added: 2022-01-28

Due Date: 2022-02-11

Description:

Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-20 CWE-787

CVE-2021-20038

Ransomware

SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability

Vendor: SonicWall

Product: SMA 100 Appliances

Added: 2022-01-28

Due Date: 2022-02-11

Description:

SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-121

CVE-2020-5722

Grandstream Networks UCM6200 Series SQL Injection Vulnerability

Vendor: Grandstream

Product: UCM6200

Added: 2022-01-28

Due Date: 2022-07-28

Description:

Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-89

CVE-2020-0787

Ransomware

Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability

Vendor: Microsoft

Product: Windows

Added: 2022-01-28

Due Date: 2022-07-28

Description:

Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-269 CWE-59