Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Kingsoft | WPS Office

CVE-2024-7262

Kingsoft WPS Office Path Traversal Vulnerability: Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2024-09-03
Due Date: 2024-09-24

Additional Notes

Citrix | NetScaler ADC and NetScaler Gateway

CVE-2023-6549

Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability: Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2024-01-17
Due Date: 2024-02-07

Additional Notes

Citrix | NetScaler ADC and NetScaler Gateway

CVE-2023-6548

Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability: Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2024-01-17
Due Date: 2024-01-24

Additional Notes

QNAP | VioStor NVR

CVE-2023-47565

QNAP VioStor NVR OS Command Injection Vulnerability: QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via a network.

Related CWE: CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-12-21
Due Date: 2024-01-11

Additional Notes

Citrix | NetScaler ADC and NetScaler Gateway

CVE-2023-4966

Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability: Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Related CWE: CWE-119

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations and kill all active and persistent sessions per vendor instructions [https://www.netscaler.com/blog/news/cve-2023-4966-critical-security-update-now-available-for-netscaler-adc-and-netscaler-gateway/] OR discontinue use of the product if mitigations are unavailable.

Date Added: 2023-10-18
Due Date: 2023-11-08

Additional Notes

Citrix | Content Collaboration

CVE-2023-24489

Citrix Content Collaboration ShareFile Improper Access Control Vulnerability: Citrix Content Collaboration contains an improper access control vulnerability that could allow an unauthenticated attacker to remotely compromise customer-managed ShareFile storage zones controllers.

Related CWE: CWE-284

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-08-16
Due Date: 2023-09-06

Additional Notes

Citrix | NetScaler ADC and NetScaler Gateway

CVE-2023-3519

Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability: Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-07-19
Due Date: 2023-08-09

Additional Notes

Citrix | Application Delivery Controller (ADC) and Gateway

CVE-2022-27518

Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability: Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker to execute code as administrator.

Related CWE: CWE-664

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-12-13
Due Date: 2023-01-03

Additional Notes

QNAP | Photo Station

CVE-2022-27593

QNAP Photo Station Externally Controlled Reference Vulnerability: Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.

Related CWE: CWE-610

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-09-08
Due Date: 2022-09-29

Additional Notes

QNAP | QTS

CVE-2019-7193

QNAP QTS Improper Input Validation Vulnerability: QNAP QTS contains an improper input validation vulnerability allowing remote attackers to inject code on the system.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

QNAP | Photo Station

CVE-2019-7194

QNAP Photo Station Path Traversal Vulnerability: QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

QNAP | Photo Station

CVE-2019-7195

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

QNAP | Photo Station

CVE-2019-7192

QNAP Photo Station Improper Access Control Vulnerability: QNAP NAS devices running Photo Station contain an improper access control vulnerability allowing remote attackers to gain unauthorized access to the system.

Related CWE: CWE-863

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-06-08
Due Date: 2022-06-22

Additional Notes

QNAP | Network Attached Storage (NAS)

CVE-2018-19953

QNAP NAS File Station Cross-Site Scripting Vulnerability: A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.

Related CWEs: CWE-79| CWE-80

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-05-24
Due Date: 2022-06-14

Additional Notes

QNAP | Network Attached Storage (NAS)

CVE-2018-19949

QNAP NAS File Station Command Injection Vulnerability: A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.

Related CWEs: CWE-20| CWE-77| CWE-78

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-05-24
Due Date: 2022-06-14

Additional Notes

QNAP | Network Attached Storage (NAS)

CVE-2018-19943

QNAP NAS File Station Cross-Site Scripting Vulnerability: A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.

Related CWEs: CWE-79| CWE-80

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-05-24
Due Date: 2022-06-14

Additional Notes

QNAP | QNAP Network-Attached Storage (NAS)

CVE-2020-2509

QNAP Network-Attached Storage (NAS) Command Injection Vulnerability: QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.

Related CWEs: CWE-77| CWE-78

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-04-11
Due Date: 2022-05-02

Additional Notes

QNAP | Network Attached Storage (NAS)

CVE-2021-28799

QNAP NAS Improper Authorization Vulnerability: QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device.

Related CWE: CWE-285

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2022-03-31
Due Date: 2022-04-21

Additional Notes

Citrix | NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server

CVE-2017-6316

Citrix Multiple Products Remote Code Execution Vulnerability: A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote attacker being able to execute arbitrary code as a root user. This vulnerability also affects XenMobile Server.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-25
Due Date: 2022-04-15

Additional Notes

Citrix | SD-WAN and NetScaler

CVE-2019-12989

Citrix SD-WAN and NetScaler SQL Injection Vulnerability: Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.

Related CWE: CWE-89

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2022-03-25
Due Date: 2022-04-15

Additional Notes

Known Exploited Vulnerabilities Catalog

Subscribe to the KEV Catalog Updates