Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Microsoft | Windows

CVE-2023-36033

Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability: Microsoft Windows Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-822

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-11-14
Due Date: 2023-12-05

Additional Notes

Microsoft | Windows

CVE-2023-36025

Microsoft Windows SmartScreen Security Feature Bypass Vulnerability: Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-11-14
Due Date: 2023-12-05

Additional Notes

Microsoft | Windows

CVE-2023-36036

Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability: Microsoft Windows Cloud Files Mini Filter Driver contains a privilege escalation vulnerability that could allow an attacker to gain SYSTEM privileges.

Related CWE: CWE-122

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-11-14
Due Date: 2023-12-05

Additional Notes

Microsoft | WordPad

CVE-2023-36563

Microsoft WordPad Information Disclosure Vulnerability: Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure.

Related CWE: CWE-20

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-10-10
Due Date: 2023-10-31

Additional Notes

Microsoft | Skype for Business

CVE-2023-41763

Microsoft Skype for Business Privilege Escalation Vulnerability: Microsoft Skype for Business contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-918

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-10-10
Due Date: 2023-10-31

Additional Notes

Microsoft | Windows CNG Key Isolation Service

CVE-2023-28229

Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability: Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.

Related CWE: CWE-591

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-10-04
Due Date: 2023-10-25

Additional Notes

Microsoft | Word

CVE-2023-36761

Microsoft Word Information Disclosure Vulnerability: Microsoft Word contains an unspecified vulnerability that allows for information disclosure.

Related CWE: CWE-668

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-09-12
Due Date: 2023-10-03

Additional Notes

Microsoft | Streaming Service Proxy

CVE-2023-36802

Microsoft Streaming Service Proxy Privilege Escalation Vulnerability: Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-09-12
Due Date: 2023-10-03

Additional Notes

Microsoft | .NET Core and Visual Studio

CVE-2023-38180

Microsoft .NET Core and Visual Studio Denial-of-Service Vulnerability: Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial-of-service (DoS).

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-08-09
Due Date: 2023-08-30

Additional Notes

Microsoft | Windows

CVE-2023-36884

Microsoft Windows Search Remote Code Execution Vulnerability: Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.

Related CWE: CWE-362

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Date Added: 2023-07-17
Due Date: 2023-08-29

Additional Notes

Microsoft | Outlook

CVE-2023-35311

Microsoft Outlook Security Feature Bypass Vulnerability: Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt.

Related CWE: CWE-367

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.

Date Added: 2023-07-11
Due Date: 2023-08-01

Additional Notes

Microsoft | Windows

CVE-2023-32049

Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability: Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.

Date Added: 2023-07-11
Due Date: 2023-08-01

Additional Notes

Microsoft | Windows

CVE-2023-32046

Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability: Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation.

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.

Date Added: 2023-07-11
Due Date: 2023-08-01

Additional Notes

Microsoft | Windows

CVE-2023-36874

Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability: Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-59

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.

Date Added: 2023-07-11
Due Date: 2023-08-01

Additional Notes

Microsoft | Win32k

CVE-2016-0165

Microsoft Win32k Privilege Escalation Vulnerability: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-264

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-06-22
Due Date: 2023-07-13

Additional Notes

Microsoft | Win32k

CVE-2023-29336

Microsoft Win32K Privilege Escalation Vulnerability: Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges.

Related CWE: CWE-416

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-05-09
Due Date: 2023-05-30

Additional Notes

Microsoft | Windows

CVE-2023-28252

Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability: Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.

Related CWE: CWE-122

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-04-11
Due Date: 2023-05-02

Additional Notes

Microsoft | Windows

CVE-2019-1388

Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability: Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.

Related CWE: CWE-269

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.

Date Added: 2023-04-07
Due Date: 2023-04-28

Additional Notes

Microsoft | Internet Explorer

CVE-2013-3163

Microsoft Internet Explorer Memory Corruption Vulnerability: Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website.

Related CWE: CWE-94

Known To Be Used in Ransomware Campaigns? Unknown

Action: The impacted product is end-of-life and should be disconnected if still in use.

Date Added: 2023-03-30
Due Date: 2023-04-20

Additional Notes

Microsoft | Office

CVE-2023-23397

Microsoft Office Outlook Privilege Escalation Vulnerability: Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.

Related CWE: CWE-294

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply updates per vendor instructions.

Date Added: 2023-03-14
Due Date: 2023-04-04

Additional Notes

Known Exploited Vulnerabilities Catalog

Subscribe to the KEV Catalog Updates