Known Exploited Vulnerabilities Catalog

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.

How to use the KEV Catalog

The KEV catalog is also available in these formats:

CSV
JSON
JSON Schema (updated 06-25-2024)
Print View
License

Showing 1 - 10 of 10
Filters:
Veeam | Backup & Replication

CVE-2024-40711

Veeam Backup and Replication Deserialization Vulnerability: Veeam Backup and Replication contains a deserialization vulnerability allowing an unauthenticated user to perform remote code execution.

Related CWE: CWE-502

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-10-17
  • Due Date: 2024-11-07
Additional Notes
https://www.veeam.com/kb4649 ; https://nvd.nist.gov/vuln/detail/CVE-2024-40711
ServiceNow | Utah, Vancouver, and Washington DC Now Platform

CVE-2024-5217

ServiceNow Incomplete List of Disallowed Inputs Vulnerability: ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs vulnerability in the GlideExpression script. An unauthenticated user could exploit this vulnerability to execute code remotely.

Related CWE: CWE-184

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-07-29
  • Due Date: 2024-08-19
Additional Notes
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1648313; https://nvd.nist.gov/vuln/detail/CVE-2024-5217
ServiceNow | Utah, Vancouver, and Washington DC Now Platform

CVE-2024-4879

ServiceNow Improper Input Validation Vulnerability: ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely.

Related CWE: CWE-1287

Known To Be Used in Ransomware Campaigns? Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2024-07-29
  • Due Date: 2024-08-19
Additional Notes
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1645154; https://nvd.nist.gov/vuln/detail/CVE-2024-4879
Veeam | Backup & Replication

CVE-2023-27532

Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability: Veeam Backup & Replication Cloud Connect component contains a missing authentication for critical function vulnerability that allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.

Related CWE: CWE-306

Known To Be Used in Ransomware Campaigns? Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Date Added: 2023-08-22
  • Due Date: 2023-09-12
Additional Notes
https://www.veeam.com/kb4424; https://nvd.nist.gov/vuln/detail/CVE-2023-27532
Veeam | Backup & Replication

CVE-2022-26500

Veeam Backup & Replication Remote Code Execution Vulnerability: The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.

Related CWE: CWE-22

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-13
  • Due Date: 2023-01-03
Additional Notes
https://www.veeam.com/kb4288; https://nvd.nist.gov/vuln/detail/CVE-2022-26500
Veeam | Backup & Replication

CVE-2022-26501

Veeam Backup & Replication Remote Code Execution Vulnerability: The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal API functions. A remote attacker can send input to the internal API which may lead to uploading and executing of malicious code.

Related CWE: CWE-306

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-12-13
  • Due Date: 2023-01-03
Additional Notes
https://www.veeam.com/kb4288; https://nvd.nist.gov/vuln/detail/CVE-2022-26501
GIGABYTE | Multiple Products

CVE-2018-19323

GIGABYTE Multiple Products Privilege Escalation Vulnerability: The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-10-24
  • Due Date: 2022-11-14
Additional Notes
https://www.gigabyte.com/Support/Security/1801; https://nvd.nist.gov/vuln/detail/CVE-2018-19323
GIGABYTE | Multiple Products

CVE-2018-19322

GIGABYTE Multiple Products Code Execution Vulnerability: The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

Related CWE: CWE-749

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-10-24
  • Due Date: 2022-11-14
Additional Notes
https://www.gigabyte.com/Support/Security/1801; https://nvd.nist.gov/vuln/detail/CVE-2018-19322
GIGABYTE | Multiple Products

CVE-2018-19321

GIGABYTE Multiple Products Privilege Escalation Vulnerability: The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-10-24
  • Due Date: 2022-11-14
Additional Notes
https://www.gigabyte.com/Support/Security/1801; https://nvd.nist.gov/vuln/detail/CVE-2018-19321
GIGABYTE | Multiple Products

CVE-2018-19320

GIGABYTE Multiple Products Unspecified Vulnerability: The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.

Known To Be Used in Ransomware Campaigns? Known

Action: Apply updates per vendor instructions.
  • Date Added: 2022-10-24
  • Due Date: 2022-11-14
Additional Notes
https://www.gigabyte.com/Support/Security/1801; https://nvd.nist.gov/vuln/detail/CVE-2018-19320

Subscribe to the KEV Catalog Updates

Stay up to date on the latest known exploited vulnerabilities.

Subscribe Now