KEV category

Firewall and network-edge KEV entries for small business

Vulnerabilities being actively exploited in firewall and network-edge gear from Fortinet, Cisco, SonicWall, Palo Alto, Ubiquiti, and Ivanti. These appliances sit between your office and the internet — depending on the flaw, exploitation can let an attacker reach your network without going through a user's device, expose configuration or credentials, or take the appliance offline. Updated daily from the CISA KEV catalog.

Updated 17 hours ago. 188 entries in this category. All SMB-relevant entries.

CVE-2026-20230Plan to patch
Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root.
Added to KEV Jun 25, 2026 · Cisco Unified Communications Manager
CVE-2026-34910Patch this week
Ubiquiti UniFi OS Improper Input Validation Vulnerability
Affects anyone running Ubiquiti UniFi networking gear (access points, switches, security gateways, NVRs). The gear carries internal network traffic and often hosts video surveillance — exploitation can expose network traffic or grant management access to the network itself.
Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injection.
Added to KEV Jun 23, 2026 · Ubiquiti UniFi OS
CVE-2026-34909Patch this week
Ubiquiti UniFi OS Path Traversal Vulnerability
Affects anyone running Ubiquiti UniFi networking gear (access points, switches, security gateways, NVRs). The gear carries internal network traffic and often hosts video surveillance — exploitation can expose network traffic or grant management access to the network itself.
Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that could be manipulated to access an underlying account.
Added to KEV Jun 23, 2026 · Ubiquiti UniFi OS
CVE-2026-34908Patch this week
Ubiquiti UniFi OS Improper Access Control Vulnerability
Affects anyone running Ubiquiti UniFi networking gear (access points, switches, security gateways, NVRs). The gear carries internal network traffic and often hosts video surveillance — exploitation can expose network traffic or grant management access to the network itself.
Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to the system.
Added to KEV Jun 23, 2026 · Ubiquiti UniFi OS
CVE-2026-20262Plan to patch
Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.
Added to KEV Jun 15, 2026 · Cisco Catalyst SD-WAN Manager
CVE-2026-10520Patch this week
Ivanti Sentry OS Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level remote code execution. This vulnerability can be successfully exploited in cases where the Sentry appliance is in an unmanaged state with its endpoints externally reachable. The use of mTLS with EPMM or restricted HTTPS access through Neurons for MDM makes interfaces inaccessible to external actors.
Added to KEV Jun 11, 2026 · Ivanti Sentry
CVE-2026-20245Patch this week
Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.
Added to KEV Jun 9, 2026 · Cisco Catalyst SD-WAN Manager
CVE-2026-0257Patch this week
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection.
Added to KEV May 29, 2026 · Palo Alto Networks PAN-OS
CVE-2026-20182Patch this week
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
Added to KEV May 14, 2026 · Cisco Catalyst SD-WAN
CVE-2026-6973Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
Added to KEV May 7, 2026 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2026-0300Patch this week
Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.
Added to KEV May 6, 2026 · Palo Alto Networks PAN-OS
CVE-2026-20122Plan to patch
Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.
Added to KEV Apr 20, 2026 · Cisco Catalyst SD-WAN Manger
CVE-2026-20133Plan to patch
Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems.
Added to KEV Apr 20, 2026 · Cisco Catalyst SD-WAN Manager
CVE-2026-20128Patch this week
Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user.
Added to KEV Apr 20, 2026 · Cisco Catalyst SD-WAN Manager
CVE-2026-21643Patch this week
Fortinet FortiClient EMS SQL Injection Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Added to KEV Apr 13, 2026 · Fortinet FortiClient EMS
CVE-2026-1340Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
Added to KEV Apr 8, 2026 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2026-35616Patch this week
Fortinet FortiClient EMS Improper Access Control Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
Added to KEV Apr 6, 2026 · Fortinet FortiClient EMS
CVE-2026-20131Known ransomware usePatch now
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device.
Added to KEV Mar 19, 2026 · Cisco Secure Firewall Management Center (FMC)
CVE-2026-1603Patch this week
Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credential data.
Added to KEV Mar 9, 2026 · Ivanti Endpoint Manager (EPM)
CVE-2022-20775Patch this week
Cisco SD-WAN Path Traversal Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands within the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
Added to KEV Feb 25, 2026 · Cisco SD-WAN
CVE-2026-20127Patch this week
Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.
Added to KEV Feb 25, 2026 · Cisco Catalyst SD-WAN Controller and Manager
CVE-2026-1281Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
Added to KEV Jan 29, 2026 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2026-24858Patch this week
Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path or channel that could allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.
Added to KEV Jan 27, 2026 · Fortinet Multiple Products
CVE-2026-20045Patch this week
Cisco Unified Communications Products Code Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance contain a code injection vulnerability that could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root.
Added to KEV Jan 21, 2026 · Cisco Unified Communications Manager
CVE-2025-40602Plan to patch
SonicWall SMA1000 Missing Authorization Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance management console (AMC) of affected devices.
Added to KEV Dec 17, 2025 · SonicWall SMA1000 appliance
CVE-2025-20393Patch this week
Cisco Multiple Products Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance.
Added to KEV Dec 17, 2025 · Cisco Multiple Products
CVE-2025-59718Patch this week
Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message. Please be aware that CVE-2025-59719 pertains to the same problem and is mentioned in the same vendor advisory. Ensure to apply all patches mentioned in the advisory.
Added to KEV Dec 16, 2025 · Fortinet Multiple Products
CVE-2025-58034Patch this week
Fortinet FortiWeb OS Command Injection Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.
Added to KEV Nov 18, 2025 · Fortinet FortiWeb
CVE-2025-64446Patch this week
Fortinet FortiWeb Path Traversal Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
Added to KEV Nov 14, 2025 · Fortinet FortiWeb
CVE-2025-20352Patch this week
Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denial of service or remote code execution. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.
Added to KEV Sep 29, 2025 · Cisco IOS and IOS XE
CVE-2025-20362Plan to patch
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulnerability. This vulnerability could be chained with CVE-2025-20333.
Added to KEV Sep 25, 2025 · Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
CVE-2025-20333Patch this week
Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerability that allows for remote code execution. This vulnerability could be chained with CVE-2025-20362.
Added to KEV Sep 25, 2025 · Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
CVE-2025-20337Patch this week
Cisco Identity Services Engine Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by submitting a crafted API request. Successful exploitation could allow an attacker to perform remote code execution and obtaining root privileges on an affected device.
Added to KEV Jul 28, 2025 · Cisco Identity Services Engine
CVE-2025-20281Patch this week
Cisco Identity Services Engine Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by submitting a crafted API request. Successful exploitation could allow an attacker to perform remote code execution and obtaining root privileges on an affected device.
Added to KEV Jul 28, 2025 · Cisco Identity Services Engine
CVE-2025-25257Patch this week
Fortinet FortiWeb SQL Injection Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
Added to KEV Jul 18, 2025 · Fortinet FortiWeb
CVE-2019-6693Known ransomware usePatch now
Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitive data in FortiOS configuration backup file via knowledge of the hard-coded key.
Added to KEV Jun 25, 2025 · Fortinet FortiOS
CVE-2025-4428Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source library, as represented by CVE-2025-35036.
Added to KEV May 19, 2025 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2025-4427Plan to patch
Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains an authentication bypass vulnerability in the API component that allows an attacker to access protected resources without proper credentials via crafted API requests. This vulnerability results from an insecure implementation of the Spring Framework open-source library.
Added to KEV May 19, 2025 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2025-32756Patch this week
Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiFone, FortiVoice, FortiNDR and FortiMail contain a stack-based overflow vulnerability that may allow a remote unauthenticated attacker to execute arbitrary code or commands via crafted HTTP requests.
Added to KEV May 14, 2025 · Fortinet Multiple Products
CVE-2023-44221Patch this week
SonicWall SMA100 Appliances OS Command Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user.
Added to KEV May 1, 2025 · SonicWall SMA100 Appliances
CVE-2021-20035Plan to patch
SonicWall SMA100 Appliances OS Command Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA100 appliances contain an OS command injection vulnerability in the management interface that allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, which could potentially lead to code execution.
Added to KEV Apr 16, 2025 · SonicWall SMA100 Appliances
CVE-2025-22457Known ransomware usePatch now
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contains a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to achieve remote code execution.
Added to KEV Apr 4, 2025 · Ivanti Connect Secure, Policy Secure, and ZTA Gateways
CVE-2024-20439Patch this week
Cisco Smart Licensing Utility Static Credential Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Smart Licensing Utility contains a static credential vulnerability that allows an unauthenticated, remote attacker to log in to an affected system and gain administrative credentials.
Added to KEV Mar 31, 2025 · Cisco Smart Licensing Utility
CVE-2025-24472Known ransomware usePatch now
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
Added to KEV Mar 18, 2025 · Fortinet FortiOS and FortiProxy
CVE-2024-13161Patch this week
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
Added to KEV Mar 10, 2025 · Ivanti Endpoint Manager (EPM)
CVE-2024-13160Patch this week
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
Added to KEV Mar 10, 2025 · Ivanti Endpoint Manager (EPM)
CVE-2024-13159Patch this week
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
Added to KEV Mar 10, 2025 · Ivanti Endpoint Manager (EPM)
CVE-2023-20118Plan to patch
Cisco Small Business RV Series Routers Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management interface. Successful exploitation could allow an authenticated, remote attacker to gain root-level privileges and access unauthorized data.
Added to KEV Mar 3, 2025 · Cisco Small Business RV Series Routers
CVE-2025-0111Plan to patch
Palo Alto Networks PAN-OS File Read Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.
Added to KEV Feb 20, 2025 · Palo Alto Networks PAN-OS
CVE-2025-0108Patch this week
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts.
Added to KEV Feb 18, 2025 · Palo Alto Networks PAN-OS
CVE-2024-53704Known ransomware usePatch now
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.
Added to KEV Feb 18, 2025 · SonicWall SonicOS
CVE-2025-23006Known ransomware usePatch now
SonicWall SMA1000 Appliances Deserialization Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.
Added to KEV Jan 24, 2025 · SonicWall SMA1000 Appliances
CVE-2024-55591Known ransomware usePatch now
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
Added to KEV Jan 14, 2025 · Fortinet FortiOS and FortiProxy
CVE-2025-0282Known ransomware usePatch now
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.
Added to KEV Jan 8, 2025 · Ivanti Connect Secure, Policy Secure, and ZTA Gateways
CVE-2024-3393Patch this week
Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Added to KEV Dec 30, 2024 · Palo Alto Networks PAN-OS
CVE-2024-9474Known ransomware usePatch now
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, including firewalls and VPN concentrators.
Added to KEV Nov 18, 2024 · Palo Alto Networks PAN-OS
CVE-2024-0012Known ransomware usePatch now
Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrators.
Added to KEV Nov 18, 2024 · Palo Alto Networks PAN-OS
CVE-2024-9465Patch this week
Palo Alto Networks Expedition SQL Injection Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Added to KEV Nov 14, 2024 · Palo Alto Networks Expedition
CVE-2024-9463Patch this week
Palo Alto Networks Expedition OS Command Injection Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Added to KEV Nov 14, 2024 · Palo Alto Networks Expedition
CVE-2014-2120Plan to patch
Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
Added to KEV Nov 12, 2024 · Cisco Adaptive Security Appliance (ASA)
CVE-2024-5910Patch this week
Palo Alto Networks Expedition Missing Authentication Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially access configuration secrets, credentials, and other data.
Added to KEV Nov 7, 2024 · Palo Alto Networks Expedition
CVE-2024-20481Plan to patch
Cisco ASA and FTD Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.
Added to KEV Oct 24, 2024 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2024-47575Patch this week
Fortinet FortiManager Missing Authentication Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
Added to KEV Oct 23, 2024 · Fortinet FortiManager
CVE-2024-9380Patch this week
Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.
Added to KEV Oct 9, 2024 · Ivanti Cloud Services Appliance (CSA)
CVE-2024-9379Plan to patch
Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements.
Added to KEV Oct 9, 2024 · Ivanti Cloud Services Appliance (CSA)
CVE-2024-23113Patch this week
Fortinet Multiple Products Format String Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
Added to KEV Oct 9, 2024 · Fortinet Multiple Products
CVE-2024-29824Patch this week
Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code.
Added to KEV Oct 2, 2024 · Ivanti Endpoint Manager (EPM)
CVE-2024-7593Patch this week
Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account.
Added to KEV Sep 24, 2024 · Ivanti Virtual Traffic Manager
CVE-2024-8963Patch this week
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary commands on the appliance.
Added to KEV Sep 19, 2024 · Ivanti Cloud Services Appliance (CSA)
CVE-2024-8190Patch this week
Ivanti Cloud Services Appliance OS Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.
Added to KEV Sep 13, 2024 · Ivanti Cloud Services Appliance
CVE-2024-40766Known ransomware usePatch now
SonicWall SonicOS Improper Access Control Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.
Added to KEV Sep 9, 2024 · SonicWall SonicOS
CVE-2024-20399Plan to patch
Cisco NX-OS Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device.
Added to KEV Jul 2, 2024 · Cisco NX-OS
CVE-2024-20359Plan to patch
Cisco ASA and FTD Privilege Escalation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.
Added to KEV Apr 24, 2024 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2024-20353Patch this week
Cisco ASA and FTD Denial of Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.
Added to KEV Apr 24, 2024 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2024-3400Known ransomware usePatch now
Palo Alto Networks PAN-OS Command Injection Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.
Added to KEV Apr 12, 2024 · Palo Alto Networks PAN-OS
CVE-2021-44529Known ransomware usePatch now
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).
Added to KEV Mar 25, 2024 · Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA)
CVE-2023-48788Known ransomware usePatch now
Fortinet FortiClient EMS SQL Injection Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.
Added to KEV Mar 25, 2024 · Fortinet FortiClient EMS
CVE-2020-3259Known ransomware usePatch now
Cisco ASA and FTD Information Disclosure Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. This vulnerability affects only specific AnyConnect and WebVPN configurations.
Added to KEV Feb 15, 2024 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2024-21762Known ransomware usePatch now
Fortinet FortiOS Out-of-Bound Write Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.
Added to KEV Feb 9, 2024 · Fortinet FortiOS
CVE-2024-21893Known ransomware usePatch now
Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.
Added to KEV Jan 31, 2024 · Ivanti Connect Secure, Policy Secure, and Neurons
CVE-2023-35082Known ransomware usePatch now
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows unauthorized users to access restricted functionality or resources of the application.
Added to KEV Jan 18, 2024 · Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core
CVE-2023-46805Known ransomware usePatch now
Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authentication bypass vulnerability in the web component that allows an attacker to access restricted resources by bypassing control checks. This vulnerability can be leveraged in conjunction with CVE-2024-21887, a command injection vulnerability.
Added to KEV Jan 10, 2024 · Ivanti Connect Secure and Policy Secure
CVE-2024-21887Known ransomware usePatch now
Ivanti Connect Secure and Policy Secure Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This vulnerability can be leveraged in conjunction with CVE-2023-46805, an authenticated bypass issue.
Added to KEV Jan 10, 2024 · Ivanti Connect Secure and Policy Secure
CVE-2023-20273Patch this week
Cisco IOS XE Web UI Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.
Added to KEV Oct 23, 2023 · Cisco IOS XE Web UI
CVE-2023-20198Patch this week
Cisco IOS XE Web UI Privilege Escalation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device.
Added to KEV Oct 16, 2023 · Cisco IOS XE Web UI
CVE-2023-20109Plan to patch
Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a device to crash.
Added to KEV Oct 10, 2023 · Cisco IOS and IOS XE
CVE-2023-20269Known ransomware usePatch now
Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.
Added to KEV Sep 13, 2023 · Cisco Adaptive Security Appliance and Firepower Threat Defense
CVE-2023-38035Known ransomware usePatch now
Ivanti Sentry Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
Added to KEV Aug 22, 2023 · Ivanti Sentry
CVE-2023-35081Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).
Added to KEV Jul 31, 2023 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2023-35078Known ransomware usePatch now
Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerability that allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such as names, phone numbers, and other mobile device details for users on a vulnerable system. An attacker can also make other configuration changes including installing software and modifying security profiles on registered devices.
Added to KEV Jul 25, 2023 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2023-27997Known ransomware usePatch now
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.
Added to KEV Jun 13, 2023 · Fortinet FortiOS and FortiProxy SSL-VPN
CVE-2004-1464Plan to patch
Cisco IOS Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.
Added to KEV May 19, 2023 · Cisco IOS
CVE-2016-6415Patch this week
Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure.
Added to KEV May 19, 2023 · Cisco IOS, IOS XR, and IOS XE
CVE-2017-6742Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
Added to KEV Apr 19, 2023 · Cisco IOS and IOS XE Software
CVE-2022-41328Plan to patch
Fortinet FortiOS Path Traversal Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.
Added to KEV Mar 14, 2023 · Fortinet FortiOS
CVE-2022-42475Known ransomware usePatch now
Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.
Added to KEV Dec 13, 2022 · Fortinet FortiOS
CVE-2020-3433Known ransomware usePatch now
Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.
Added to KEV Oct 24, 2022 · Cisco AnyConnect Secure
CVE-2020-3153Known ransomware usePatch now
Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.
Added to KEV Oct 24, 2022 · Cisco AnyConnect Secure
CVE-2022-40684Known ransomware usePatch now
Fortinet Multiple Products Authentication Bypass Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Added to KEV Oct 11, 2022 · Fortinet Multiple Products
CVE-2018-13374Known ransomware usePatch now
Fortinet FortiOS and FortiADC Improper Access Control Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.
Added to KEV Sep 8, 2022 · Fortinet FortiOS and FortiADC
CVE-2022-0028Patch this week
Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.
Added to KEV Aug 22, 2022 · Palo Alto Networks PAN-OS
CVE-2017-15944Patch this week
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained.
Added to KEV Aug 18, 2022 · Palo Alto Networks PAN-OS
CVE-2019-15271Patch this week
Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.
Added to KEV Jun 8, 2022 · Cisco RV Series Routers
CVE-2016-6366Patch this week
Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code.
Added to KEV May 24, 2022 · Cisco Adaptive Security Appliance (ASA)
CVE-2016-6367Patch this week
Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service (DoS) condition or potentially execute code.
Added to KEV May 24, 2022 · Cisco Adaptive Security Appliance (ASA)
CVE-2022-20821Plan to patch
Cisco IOS XR Open Port Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis instance that is running within the NOSi container.
Added to KEV May 23, 2022 · Cisco IOS XR
CVE-2010-5330Patch this week
Ubiquiti AirOS Command Injection Vulnerability
Affects anyone running Ubiquiti UniFi networking gear (access points, switches, security gateways, NVRs). The gear carries internal network traffic and often hosts video surveillance — exploitation can expose network traffic or grant management access to the network itself.
Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.
Added to KEV Apr 15, 2022 · Ubiquiti AirOS
CVE-2021-20028Known ransomware usePatch now
SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.
Added to KEV Mar 28, 2022 · SonicWall Secure Remote Access (SRA)
CVE-2019-7483Patch this week
SonicWall SMA100 Directory Traversal Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.
Added to KEV Mar 28, 2022 · SonicWall SMA100
CVE-2020-2021Known ransomware usePatch now
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.
Added to KEV Mar 25, 2022 · Palo Alto Networks PAN-OS
CVE-2018-0147Patch this week
Cisco Secure Access Control System Java Deserialization Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.
Added to KEV Mar 25, 2022 · Cisco Secure Access Control System (ACS)
CVE-2018-0125Patch this week
Cisco VPN Routers Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.
Added to KEV Mar 25, 2022 · Cisco VPN Routers
CVE-2017-3881Patch this week
Cisco IOS and IOS XE Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.
Added to KEV Mar 25, 2022 · Cisco IOS and IOS XE
CVE-2015-0666Patch this week
Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Added to KEV Mar 25, 2022 · Cisco Prime Data Center Network Manager (DCNM)
CVE-2010-3035Patch this week
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Added to KEV Mar 25, 2022 · Cisco IOS XR
CVE-2009-2055Plan to patch
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Added to KEV Mar 25, 2022 · Cisco IOS XR
CVE-2020-5135Patch this week
SonicWall SonicOS Buffer Overflow Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.
Added to KEV Mar 15, 2022 · SonicWall SonicOS
CVE-2022-20708Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2022-20703Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2022-20701Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2022-20700Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2022-20699Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2019-1652Patch this week
Cisco Small Business Routers Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.
Added to KEV Mar 3, 2022 · Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
CVE-2018-0180Plan to patch
Cisco IOS Software Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software
CVE-2018-0179Plan to patch
Cisco IOS Software Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software
CVE-2018-0175Patch this week
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.
Added to KEV Mar 3, 2022 · Cisco IOS, XR, and XE Software
CVE-2018-0174Patch this week
Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
Added to KEV Mar 3, 2022 · Cisco IOS XE Software
CVE-2018-0173Patch this week
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS).
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2018-0172Patch this week
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2018-0167Patch this week
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code.
Added to KEV Mar 3, 2022 · Cisco IOS, XR, and XE Software
CVE-2018-0161Plan to patch
Cisco IOS Software Resource Management Errors Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software
CVE-2018-0159Patch this week
Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software and Cisco IOS XE Software
CVE-2018-0158Patch this week
Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software and Cisco IOS XE Software
CVE-2018-0156Patch this week
Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software and Cisco IOS XE Software
CVE-2018-0155Patch this week
Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches
CVE-2018-0154Patch this week
Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software
CVE-2018-0151Patch this week
Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6744Patch this week
Cisco IOS Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-6743Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6740Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6739Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6738Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6737Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6736Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6663Plan to patch
Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6627Patch this week
Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-12319Plan to patch
Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability.
Added to KEV Mar 3, 2022 · Cisco IOS XE Software
CVE-2017-12240Patch this week
Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-12238Plan to patch
Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.
Added to KEV Mar 3, 2022 · Cisco Catalyst 6800 Series Switches
CVE-2017-12237Patch this week
Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-12235Patch this week
Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-12234Patch this week
Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-12233Patch this week
Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-12232Plan to patch
Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-12231Patch this week
Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2021-20038Known ransomware usePatch now
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.
Added to KEV Jan 28, 2022 · SonicWall SMA 100 Appliances
CVE-2018-13382Known ransomware usePatch now
Fortinet FortiOS and FortiProxy Improper Authorization
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.
Added to KEV Jan 10, 2022 · Fortinet FortiOS and FortiProxy
CVE-2018-13383Known ransomware usePatch now
Fortinet FortiOS and FortiProxy Out-of-bounds Write
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.
Added to KEV Jan 10, 2022 · Fortinet FortiOS and FortiProxy
CVE-2019-1579Known ransomware usePatch now
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.
Added to KEV Jan 10, 2022 · Palo Alto Networks PAN-OS
CVE-2021-44168Plan to patch
Fortinet FortiOS Arbitrary File Download
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.
Added to KEV Dec 10, 2021 · Fortinet FortiOS
CVE-2020-3452Patch this week
Cisco ASA and FTD Read-Only Path Traversal Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.
Added to KEV Nov 3, 2021 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2020-3580Known ransomware usePatch now
Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.
Added to KEV Nov 3, 2021 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2021-1497Patch this week
Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the root user.
Added to KEV Nov 3, 2021 · Cisco HyperFlex HX
CVE-2021-1498Patch this week
Cisco HyperFlex HX Data Platform Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.
Added to KEV Nov 3, 2021 · Cisco HyperFlex HX
CVE-2020-3566Patch this week
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Added to KEV Nov 3, 2021 · Cisco IOS XR
CVE-2020-3569Patch this week
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Added to KEV Nov 3, 2021 · Cisco IOS XR
CVE-2020-3161Patch this week
Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.
Added to KEV Nov 3, 2021 · Cisco IP Phones
CVE-2019-1653Patch this week
Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.
Added to KEV Nov 3, 2021 · Cisco Small Business RV320 and RV325 Routers
CVE-2018-0296Patch this week
Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.
Added to KEV Nov 3, 2021 · Cisco Adaptive Security Appliance (ASA)
CVE-2019-5591Plan to patch
Fortinet FortiOS Default Configuration Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP) server.
Added to KEV Nov 3, 2021 · Fortinet FortiOS
CVE-2020-12812Known ransomware usePatch now
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.
Added to KEV Nov 3, 2021 · Fortinet FortiOS
CVE-2018-13379Known ransomware usePatch now
Fortinet FortiOS SSL VPN Path Traversal Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.
Added to KEV Nov 3, 2021 · Fortinet FortiOS
CVE-2020-15505Patch this week
Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution.
Added to KEV Nov 3, 2021 · Ivanti MobileIron Multiple Products
CVE-2021-22893Known ransomware usePatch now
Ivanti Pulse Connect Secure Use-After-Free Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2020-8243Patch this week
Ivanti Pulse Connect Secure Code Execution Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2021-22900Patch this week
Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2021-22894Patch this week
Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2020-8260Patch this week
Ivanti Pulse Connect Secure Code Execution Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2021-22899Patch this week
Ivanti Pulse Connect Secure Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2019-11510Known ransomware usePatch now
Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2019-11539Known ransomware usePatch now
Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure and Pulse Policy Secure
CVE-2021-20021Known ransomware usePatch now
SonicWall Email Security Improper Privilege Management Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall Email Security contains an improper privilege management vulnerability that allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20022 and CVE-2021-20023 to achieve privilege escalation.
Added to KEV Nov 3, 2021 · SonicWall Email Security
CVE-2019-7481Known ransomware usePatch now
SonicWall SMA100 SQL Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA100 contains a SQL injection vulnerability allowing an unauthenticated user to gain read-only access to unauthorized resources.
Added to KEV Nov 3, 2021 · SonicWall SMA100
CVE-2021-20022Known ransomware usePatch now
SonicWall Email Security Unrestricted Upload of File Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20023 to achieve privilege escalation.
Added to KEV Nov 3, 2021 · SonicWall Email Security
CVE-2021-20023Known ransomware usePatch now
SonicWall Email Security Path Traversal Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall Email Security contains a path traversal vulnerability that allows a post-authenticated attacker to read files on the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20022 to achieve privilege escalation.
Added to KEV Nov 3, 2021 · SonicWall Email Security
CVE-2018-0171Patch this week
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Added to KEV Nov 3, 2021 · Cisco IOS and IOS XE
CVE-2020-3118Patch this week
Cisco IOS XR Software Discovery Protocol Format String Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.
Added to KEV Nov 3, 2021 · Cisco IOS XR
CVE-2021-20016Known ransomware usePatch now
SonicWall SSLVPN SMA100 SQL Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.
Added to KEV Nov 3, 2021 · SonicWall SSLVPN SMA100

KEV category

Firewall and network-edge KEV entries for small business

Updated 17 hours ago. 188 entries in this category. All SMB-relevant entries.

CVE-2026-20230Plan to patch
Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root.
Added to KEV Jun 25, 2026 · Cisco Unified Communications Manager
CVE-2026-34910Patch this week
Ubiquiti UniFi OS Improper Input Validation Vulnerability
Affects anyone running Ubiquiti UniFi networking gear (access points, switches, security gateways, NVRs). The gear carries internal network traffic and often hosts video surveillance — exploitation can expose network traffic or grant management access to the network itself.
Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injection.
Added to KEV Jun 23, 2026 · Ubiquiti UniFi OS
CVE-2026-34909Patch this week
Ubiquiti UniFi OS Path Traversal Vulnerability
Affects anyone running Ubiquiti UniFi networking gear (access points, switches, security gateways, NVRs). The gear carries internal network traffic and often hosts video surveillance — exploitation can expose network traffic or grant management access to the network itself.
Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that could be manipulated to access an underlying account.
Added to KEV Jun 23, 2026 · Ubiquiti UniFi OS
CVE-2026-34908Patch this week
Ubiquiti UniFi OS Improper Access Control Vulnerability
Affects anyone running Ubiquiti UniFi networking gear (access points, switches, security gateways, NVRs). The gear carries internal network traffic and often hosts video surveillance — exploitation can expose network traffic or grant management access to the network itself.
Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to the system.
Added to KEV Jun 23, 2026 · Ubiquiti UniFi OS
CVE-2026-20262Plan to patch
Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.
Added to KEV Jun 15, 2026 · Cisco Catalyst SD-WAN Manager
CVE-2026-10520Patch this week
Ivanti Sentry OS Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level remote code execution. This vulnerability can be successfully exploited in cases where the Sentry appliance is in an unmanaged state with its endpoints externally reachable. The use of mTLS with EPMM or restricted HTTPS access through Neurons for MDM makes interfaces inaccessible to external actors.
Added to KEV Jun 11, 2026 · Ivanti Sentry
CVE-2026-20245Patch this week
Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.
Added to KEV Jun 9, 2026 · Cisco Catalyst SD-WAN Manager
CVE-2026-0257Patch this week
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection.
Added to KEV May 29, 2026 · Palo Alto Networks PAN-OS
CVE-2026-20182Patch this week
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
Added to KEV May 14, 2026 · Cisco Catalyst SD-WAN
CVE-2026-6973Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
Added to KEV May 7, 2026 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2026-0300Patch this week
Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.
Added to KEV May 6, 2026 · Palo Alto Networks PAN-OS
CVE-2026-20122Plan to patch
Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.
Added to KEV Apr 20, 2026 · Cisco Catalyst SD-WAN Manger
CVE-2026-20133Plan to patch
Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems.
Added to KEV Apr 20, 2026 · Cisco Catalyst SD-WAN Manager
CVE-2026-20128Patch this week
Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user.
Added to KEV Apr 20, 2026 · Cisco Catalyst SD-WAN Manager
CVE-2026-21643Patch this week
Fortinet FortiClient EMS SQL Injection Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Added to KEV Apr 13, 2026 · Fortinet FortiClient EMS
CVE-2026-1340Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
Added to KEV Apr 8, 2026 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2026-35616Patch this week
Fortinet FortiClient EMS Improper Access Control Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
Added to KEV Apr 6, 2026 · Fortinet FortiClient EMS
CVE-2026-20131Known ransomware usePatch now
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device.
Added to KEV Mar 19, 2026 · Cisco Secure Firewall Management Center (FMC)
CVE-2026-1603Patch this week
Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credential data.
Added to KEV Mar 9, 2026 · Ivanti Endpoint Manager (EPM)
CVE-2022-20775Patch this week
Cisco SD-WAN Path Traversal Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands within the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
Added to KEV Feb 25, 2026 · Cisco SD-WAN
CVE-2026-20127Patch this week
Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.
Added to KEV Feb 25, 2026 · Cisco Catalyst SD-WAN Controller and Manager
CVE-2026-1281Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.
Added to KEV Jan 29, 2026 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2026-24858Patch this week
Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path or channel that could allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.
Added to KEV Jan 27, 2026 · Fortinet Multiple Products
CVE-2026-20045Patch this week
Cisco Unified Communications Products Code Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance contain a code injection vulnerability that could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root.
Added to KEV Jan 21, 2026 · Cisco Unified Communications Manager
CVE-2025-40602Plan to patch
SonicWall SMA1000 Missing Authorization Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance management console (AMC) of affected devices.
Added to KEV Dec 17, 2025 · SonicWall SMA1000 appliance
CVE-2025-20393Patch this week
Cisco Multiple Products Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance.
Added to KEV Dec 17, 2025 · Cisco Multiple Products
CVE-2025-59718Patch this week
Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML message. Please be aware that CVE-2025-59719 pertains to the same problem and is mentioned in the same vendor advisory. Ensure to apply all patches mentioned in the advisory.
Added to KEV Dec 16, 2025 · Fortinet Multiple Products
CVE-2025-58034Patch this week
Fortinet FortiWeb OS Command Injection Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiWeb contains an OS command Injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands.
Added to KEV Nov 18, 2025 · Fortinet FortiWeb
CVE-2025-64446Patch this week
Fortinet FortiWeb Path Traversal Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
Added to KEV Nov 14, 2025 · Fortinet FortiWeb
CVE-2025-20352Patch this week
Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) subsystem that could allow for denial of service or remote code execution. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system.
Added to KEV Sep 29, 2025 · Cisco IOS and IOS XE
CVE-2025-20362Plan to patch
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulnerability. This vulnerability could be chained with CVE-2025-20333.
Added to KEV Sep 25, 2025 · Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
CVE-2025-20333Patch this week
Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerability that allows for remote code execution. This vulnerability could be chained with CVE-2025-20362.
Added to KEV Sep 25, 2025 · Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
CVE-2025-20337Patch this week
Cisco Identity Services Engine Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by submitting a crafted API request. Successful exploitation could allow an attacker to perform remote code execution and obtaining root privileges on an affected device.
Added to KEV Jul 28, 2025 · Cisco Identity Services Engine
CVE-2025-20281Patch this week
Cisco Identity Services Engine Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by submitting a crafted API request. Successful exploitation could allow an attacker to perform remote code execution and obtaining root privileges on an affected device.
Added to KEV Jul 28, 2025 · Cisco Identity Services Engine
CVE-2025-25257Patch this week
Fortinet FortiWeb SQL Injection Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiWeb contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
Added to KEV Jul 18, 2025 · Fortinet FortiWeb
CVE-2019-6693Known ransomware usePatch now
Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitive data in FortiOS configuration backup file via knowledge of the hard-coded key.
Added to KEV Jun 25, 2025 · Fortinet FortiOS
CVE-2025-4428Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source library, as represented by CVE-2025-35036.
Added to KEV May 19, 2025 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2025-4427Plan to patch
Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains an authentication bypass vulnerability in the API component that allows an attacker to access protected resources without proper credentials via crafted API requests. This vulnerability results from an insecure implementation of the Spring Framework open-source library.
Added to KEV May 19, 2025 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2025-32756Patch this week
Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiFone, FortiVoice, FortiNDR and FortiMail contain a stack-based overflow vulnerability that may allow a remote unauthenticated attacker to execute arbitrary code or commands via crafted HTTP requests.
Added to KEV May 14, 2025 · Fortinet Multiple Products
CVE-2023-44221Patch this week
SonicWall SMA100 Appliances OS Command Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA100 appliances contain an OS command injection vulnerability in the SSL-VPN management interface that allows a remote, authenticated attacker with administrative privilege to inject arbitrary commands as a 'nobody' user.
Added to KEV May 1, 2025 · SonicWall SMA100 Appliances
CVE-2021-20035Plan to patch
SonicWall SMA100 Appliances OS Command Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA100 appliances contain an OS command injection vulnerability in the management interface that allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, which could potentially lead to code execution.
Added to KEV Apr 16, 2025 · SonicWall SMA100 Appliances
CVE-2025-22457Known ransomware usePatch now
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contains a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to achieve remote code execution.
Added to KEV Apr 4, 2025 · Ivanti Connect Secure, Policy Secure, and ZTA Gateways
CVE-2024-20439Patch this week
Cisco Smart Licensing Utility Static Credential Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Smart Licensing Utility contains a static credential vulnerability that allows an unauthenticated, remote attacker to log in to an affected system and gain administrative credentials.
Added to KEV Mar 31, 2025 · Cisco Smart Licensing Utility
CVE-2025-24472Known ransomware usePatch now
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
Added to KEV Mar 18, 2025 · Fortinet FortiOS and FortiProxy
CVE-2024-13161Patch this week
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
Added to KEV Mar 10, 2025 · Ivanti Endpoint Manager (EPM)
CVE-2024-13160Patch this week
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
Added to KEV Mar 10, 2025 · Ivanti Endpoint Manager (EPM)
CVE-2024-13159Patch this week
Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.
Added to KEV Mar 10, 2025 · Ivanti Endpoint Manager (EPM)
CVE-2023-20118Plan to patch
Cisco Small Business RV Series Routers Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management interface. Successful exploitation could allow an authenticated, remote attacker to gain root-level privileges and access unauthorized data.
Added to KEV Mar 3, 2025 · Cisco Small Business RV Series Routers
CVE-2025-0111Plan to patch
Palo Alto Networks PAN-OS File Read Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.
Added to KEV Feb 20, 2025 · Palo Alto Networks PAN-OS
CVE-2025-0108Patch this week
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts.
Added to KEV Feb 18, 2025 · Palo Alto Networks PAN-OS
CVE-2024-53704Known ransomware usePatch now
SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.
Added to KEV Feb 18, 2025 · SonicWall SonicOS
CVE-2025-23006Known ransomware usePatch now
SonicWall SMA1000 Appliances Deserialization Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.
Added to KEV Jan 24, 2025 · SonicWall SMA1000 Appliances
CVE-2024-55591Known ransomware usePatch now
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
Added to KEV Jan 14, 2025 · Fortinet FortiOS and FortiProxy
CVE-2025-0282Known ransomware usePatch now
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.
Added to KEV Jan 8, 2025 · Ivanti Connect Secure, Policy Secure, and ZTA Gateways
CVE-2024-3393Patch this week
Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Added to KEV Dec 30, 2024 · Palo Alto Networks PAN-OS
CVE-2024-9474Known ransomware usePatch now
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, including firewalls and VPN concentrators.
Added to KEV Nov 18, 2024 · Palo Alto Networks PAN-OS
CVE-2024-0012Known ransomware usePatch now
Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrators.
Added to KEV Nov 18, 2024 · Palo Alto Networks PAN-OS
CVE-2024-9465Patch this week
Palo Alto Networks Expedition SQL Injection Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
Added to KEV Nov 14, 2024 · Palo Alto Networks Expedition
CVE-2024-9463Patch this week
Palo Alto Networks Expedition OS Command Injection Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Added to KEV Nov 14, 2024 · Palo Alto Networks Expedition
CVE-2014-2120Plan to patch
Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
Added to KEV Nov 12, 2024 · Cisco Adaptive Security Appliance (ASA)
CVE-2024-5910Patch this week
Palo Alto Networks Expedition Missing Authentication Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially access configuration secrets, credentials, and other data.
Added to KEV Nov 7, 2024 · Palo Alto Networks Expedition
CVE-2024-20481Plan to patch
Cisco ASA and FTD Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.
Added to KEV Oct 24, 2024 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2024-47575Patch this week
Fortinet FortiManager Missing Authentication Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
Added to KEV Oct 23, 2024 · Fortinet FortiManager
CVE-2024-9380Patch this week
Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.
Added to KEV Oct 9, 2024 · Ivanti Cloud Services Appliance (CSA)
CVE-2024-9379Plan to patch
Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements.
Added to KEV Oct 9, 2024 · Ivanti Cloud Services Appliance (CSA)
CVE-2024-23113Patch this week
Fortinet Multiple Products Format String Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
Added to KEV Oct 9, 2024 · Fortinet Multiple Products
CVE-2024-29824Patch this week
Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code.
Added to KEV Oct 2, 2024 · Ivanti Endpoint Manager (EPM)
CVE-2024-7593Patch this week
Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account.
Added to KEV Sep 24, 2024 · Ivanti Virtual Traffic Manager
CVE-2024-8963Patch this week
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary commands on the appliance.
Added to KEV Sep 19, 2024 · Ivanti Cloud Services Appliance (CSA)
CVE-2024-8190Patch this week
Ivanti Cloud Services Appliance OS Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.
Added to KEV Sep 13, 2024 · Ivanti Cloud Services Appliance
CVE-2024-40766Known ransomware usePatch now
SonicWall SonicOS Improper Access Control Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.
Added to KEV Sep 9, 2024 · SonicWall SonicOS
CVE-2024-20399Plan to patch
Cisco NX-OS Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenticated, local attacker to execute commands as root on the underlying operating system of an affected device.
Added to KEV Jul 2, 2024 · Cisco NX-OS
CVE-2024-20359Plan to patch
Cisco ASA and FTD Privilege Escalation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrator to root.
Added to KEV Apr 24, 2024 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2024-20353Patch this week
Cisco ASA and FTD Denial of Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.
Added to KEV Apr 24, 2024 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2024-3400Known ransomware usePatch now
Palo Alto Networks PAN-OS Command Injection Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.
Added to KEV Apr 12, 2024 · Palo Alto Networks PAN-OS
CVE-2021-44529Known ransomware usePatch now
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).
Added to KEV Mar 25, 2024 · Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA)
CVE-2023-48788Known ransomware usePatch now
Fortinet FortiClient EMS SQL Injection Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.
Added to KEV Mar 25, 2024 · Fortinet FortiClient EMS
CVE-2020-3259Known ransomware usePatch now
Cisco ASA and FTD Information Disclosure Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. This vulnerability affects only specific AnyConnect and WebVPN configurations.
Added to KEV Feb 15, 2024 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2024-21762Known ransomware usePatch now
Fortinet FortiOS Out-of-Bound Write Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests.
Added to KEV Feb 9, 2024 · Fortinet FortiOS
CVE-2024-21893Known ransomware usePatch now
Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.
Added to KEV Jan 31, 2024 · Ivanti Connect Secure, Policy Secure, and Neurons
CVE-2023-35082Known ransomware usePatch now
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows unauthorized users to access restricted functionality or resources of the application.
Added to KEV Jan 18, 2024 · Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core
CVE-2023-46805Known ransomware usePatch now
Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authentication bypass vulnerability in the web component that allows an attacker to access restricted resources by bypassing control checks. This vulnerability can be leveraged in conjunction with CVE-2024-21887, a command injection vulnerability.
Added to KEV Jan 10, 2024 · Ivanti Connect Secure and Policy Secure
CVE-2024-21887Known ransomware usePatch now
Ivanti Connect Secure and Policy Secure Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appliances. This vulnerability can be leveraged in conjunction with CVE-2023-46805, an authenticated bypass issue.
Added to KEV Jan 10, 2024 · Ivanti Connect Secure and Policy Secure
CVE-2023-20273Patch this week
Cisco IOS XE Web UI Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.
Added to KEV Oct 23, 2023 · Cisco IOS XE Web UI
CVE-2023-20198Patch this week
Cisco IOS XE Web UI Privilege Escalation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device.
Added to KEV Oct 16, 2023 · Cisco IOS XE Web UI
CVE-2023-20109Plan to patch
Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a device to crash.
Added to KEV Oct 10, 2023 · Cisco IOS and IOS XE
CVE-2023-20269Known ransomware usePatch now
Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.
Added to KEV Sep 13, 2023 · Cisco Adaptive Security Appliance and Firepower Threat Defense
CVE-2023-38035Known ransomware usePatch now
Ivanti Sentry Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
Added to KEV Aug 22, 2023 · Ivanti Sentry
CVE-2023-35081Patch this week
Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restrictions (if applicable).
Added to KEV Jul 31, 2023 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2023-35078Known ransomware usePatch now
Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerability that allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such as names, phone numbers, and other mobile device details for users on a vulnerable system. An attacker can also make other configuration changes including installing software and modifying security profiles on registered devices.
Added to KEV Jul 25, 2023 · Ivanti Endpoint Manager Mobile (EPMM)
CVE-2023-27997Known ransomware usePatch now
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests.
Added to KEV Jun 13, 2023 · Fortinet FortiOS and FortiProxy SSL-VPN
CVE-2004-1464Plan to patch
Cisco IOS Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.
Added to KEV May 19, 2023 · Cisco IOS
CVE-2016-6415Patch this week
Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure.
Added to KEV May 19, 2023 · Cisco IOS, IOS XR, and IOS XE
CVE-2017-6742Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
Added to KEV Apr 19, 2023 · Cisco IOS and IOS XE Software
CVE-2022-41328Plan to patch
Fortinet FortiOS Path Traversal Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.
Added to KEV Mar 14, 2023 · Fortinet FortiOS
CVE-2022-42475Known ransomware usePatch now
Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.
Added to KEV Dec 13, 2022 · Fortinet FortiOS
CVE-2020-3433Known ransomware usePatch now
Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.
Added to KEV Oct 24, 2022 · Cisco AnyConnect Secure
CVE-2020-3153Known ransomware usePatch now
Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.
Added to KEV Oct 24, 2022 · Cisco AnyConnect Secure
CVE-2022-40684Known ransomware usePatch now
Fortinet Multiple Products Authentication Bypass Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Added to KEV Oct 11, 2022 · Fortinet Multiple Products
CVE-2018-13374Known ransomware usePatch now
Fortinet FortiOS and FortiADC Improper Access Control Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.
Added to KEV Sep 8, 2022 · Fortinet FortiOS and FortiADC
CVE-2022-0028Patch this week
Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.
Added to KEV Aug 22, 2022 · Palo Alto Networks PAN-OS
CVE-2017-15944Patch this week
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained.
Added to KEV Aug 18, 2022 · Palo Alto Networks PAN-OS
CVE-2019-15271Patch this week
Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.
Added to KEV Jun 8, 2022 · Cisco RV Series Routers
CVE-2016-6366Patch this week
Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code.
Added to KEV May 24, 2022 · Cisco Adaptive Security Appliance (ASA)
CVE-2016-6367Patch this week
Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service (DoS) condition or potentially execute code.
Added to KEV May 24, 2022 · Cisco Adaptive Security Appliance (ASA)
CVE-2022-20821Plan to patch
Cisco IOS XR Open Port Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis instance that is running within the NOSi container.
Added to KEV May 23, 2022 · Cisco IOS XR
CVE-2010-5330Patch this week
Ubiquiti AirOS Command Injection Vulnerability
Affects anyone running Ubiquiti UniFi networking gear (access points, switches, security gateways, NVRs). The gear carries internal network traffic and often hosts video surveillance — exploitation can expose network traffic or grant management access to the network itself.
Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.
Added to KEV Apr 15, 2022 · Ubiquiti AirOS
CVE-2021-20028Known ransomware usePatch now
SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.
Added to KEV Mar 28, 2022 · SonicWall Secure Remote Access (SRA)
CVE-2019-7483Patch this week
SonicWall SMA100 Directory Traversal Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.
Added to KEV Mar 28, 2022 · SonicWall SMA100
CVE-2020-2021Known ransomware usePatch now
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.
Added to KEV Mar 25, 2022 · Palo Alto Networks PAN-OS
CVE-2018-0147Patch this week
Cisco Secure Access Control System Java Deserialization Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.
Added to KEV Mar 25, 2022 · Cisco Secure Access Control System (ACS)
CVE-2018-0125Patch this week
Cisco VPN Routers Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.
Added to KEV Mar 25, 2022 · Cisco VPN Routers
CVE-2017-3881Patch this week
Cisco IOS and IOS XE Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.
Added to KEV Mar 25, 2022 · Cisco IOS and IOS XE
CVE-2015-0666Patch this week
Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Added to KEV Mar 25, 2022 · Cisco Prime Data Center Network Manager (DCNM)
CVE-2010-3035Patch this week
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Added to KEV Mar 25, 2022 · Cisco IOS XR
CVE-2009-2055Plan to patch
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Added to KEV Mar 25, 2022 · Cisco IOS XR
CVE-2020-5135Patch this week
SonicWall SonicOS Buffer Overflow Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.
Added to KEV Mar 15, 2022 · SonicWall SonicOS
CVE-2022-20708Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2022-20703Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2022-20701Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2022-20700Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2022-20699Patch this week
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Added to KEV Mar 3, 2022 · Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
CVE-2019-1652Patch this week
Cisco Small Business Routers Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.
Added to KEV Mar 3, 2022 · Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
CVE-2018-0180Plan to patch
Cisco IOS Software Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software
CVE-2018-0179Plan to patch
Cisco IOS Software Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software
CVE-2018-0175Patch this week
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.
Added to KEV Mar 3, 2022 · Cisco IOS, XR, and XE Software
CVE-2018-0174Patch this week
Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
Added to KEV Mar 3, 2022 · Cisco IOS XE Software
CVE-2018-0173Patch this week
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS).
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2018-0172Patch this week
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2018-0167Patch this week
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code.
Added to KEV Mar 3, 2022 · Cisco IOS, XR, and XE Software
CVE-2018-0161Plan to patch
Cisco IOS Software Resource Management Errors Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software
CVE-2018-0159Patch this week
Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software and Cisco IOS XE Software
CVE-2018-0158Patch this week
Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software and Cisco IOS XE Software
CVE-2018-0156Patch this week
Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software and Cisco IOS XE Software
CVE-2018-0155Patch this week
Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches
CVE-2018-0154Patch this week
Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.
Added to KEV Mar 3, 2022 · Cisco IOS Software
CVE-2018-0151Patch this week
Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6744Patch this week
Cisco IOS Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-6743Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6740Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6739Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6738Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6737Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6736Patch this week
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6663Plan to patch
Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in denial-of-service (DoS).
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-6627Patch this week
Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-12319Plan to patch
Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability.
Added to KEV Mar 3, 2022 · Cisco IOS XE Software
CVE-2017-12240Patch this week
Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
The Dynamic Host Configuration Protocol (DHCP) relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-12238Plan to patch
Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a denial of service.
Added to KEV Mar 3, 2022 · Cisco Catalyst 6800 Series Switches
CVE-2017-12237Patch this week
Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS and IOS XE Software
CVE-2017-12235Patch this week
Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-12234Patch this week
Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-12233Patch this week
Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
There is a vulnerability in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-12232Plan to patch
Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2017-12231Patch this week
Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS could allow an unauthenticated, remote attacker to cause a denial of service.
Added to KEV Mar 3, 2022 · Cisco IOS software
CVE-2021-20038Known ransomware usePatch now
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.
Added to KEV Jan 28, 2022 · SonicWall SMA 100 Appliances
CVE-2018-13382Known ransomware usePatch now
Fortinet FortiOS and FortiProxy Improper Authorization
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.
Added to KEV Jan 10, 2022 · Fortinet FortiOS and FortiProxy
CVE-2018-13383Known ransomware usePatch now
Fortinet FortiOS and FortiProxy Out-of-bounds Write
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.
Added to KEV Jan 10, 2022 · Fortinet FortiOS and FortiProxy
CVE-2019-1579Known ransomware usePatch now
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Affects anyone behind a Palo Alto firewall or using GlobalProtect VPN. The firewall is the network edge; the VPN is how remote workers reach inside the perimeter — exploitation puts an attacker on the internal network without touching a workstation.
Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.
Added to KEV Jan 10, 2022 · Palo Alto Networks PAN-OS
CVE-2021-44168Plan to patch
Fortinet FortiOS Arbitrary File Download
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.
Added to KEV Dec 10, 2021 · Fortinet FortiOS
CVE-2020-3452Patch this week
Cisco ASA and FTD Read-Only Path Traversal Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an improper input validation vulnerability when HTTP requests process URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device.
Added to KEV Nov 3, 2021 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2020-3580Known ransomware usePatch now
Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an insufficient input validation vulnerability for user-supplied input by the web services interface. Successful exploitation could allow an attacker to perform cross-site scripting (XSS) in the context of the interface or access sensitive browser-based information.
Added to KEV Nov 3, 2021 · Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
CVE-2021-1497Patch this week
Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the root user.
Added to KEV Nov 3, 2021 · Cisco HyperFlex HX
CVE-2021-1498Patch this week
Cisco HyperFlex HX Data Platform Command Injection Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.
Added to KEV Nov 3, 2021 · Cisco HyperFlex HX
CVE-2020-3566Patch this week
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Added to KEV Nov 3, 2021 · Cisco IOS XR
CVE-2020-3569Patch this week
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Added to KEV Nov 3, 2021 · Cisco IOS XR
CVE-2020-3161Patch this week
Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.
Added to KEV Nov 3, 2021 · Cisco IP Phones
CVE-2019-1653Patch this week
Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.
Added to KEV Nov 3, 2021 · Cisco Small Business RV320 and RV325 Routers
CVE-2018-0296Patch this week
Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.
Added to KEV Nov 3, 2021 · Cisco Adaptive Security Appliance (ASA)
CVE-2019-5591Plan to patch
Fortinet FortiOS Default Configuration Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP) server.
Added to KEV Nov 3, 2021 · Fortinet FortiOS
CVE-2020-12812Known ransomware usePatch now
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.
Added to KEV Nov 3, 2021 · Fortinet FortiOS
CVE-2018-13379Known ransomware usePatch now
Fortinet FortiOS SSL VPN Path Traversal Vulnerability
Affects anyone whose internet connection goes through a Fortinet appliance — typically a FortiGate firewall or FortiClient VPN. The firewall sits between every device in the office and the internet; exploitation can mean an attacker gets inside the network perimeter without touching a workstation.
Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.
Added to KEV Nov 3, 2021 · Fortinet FortiOS
CVE-2020-15505Patch this week
Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution.
Added to KEV Nov 3, 2021 · Ivanti MobileIron Multiple Products
CVE-2021-22893Known ransomware usePatch now
Ivanti Pulse Connect Secure Use-After-Free Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2020-8243Patch this week
Ivanti Pulse Connect Secure Code Execution Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2021-22900Patch this week
Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2021-22894Patch this week
Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2020-8260Patch this week
Ivanti Pulse Connect Secure Code Execution Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2021-22899Patch this week
Ivanti Pulse Connect Secure Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2019-11510Known ransomware usePatch now
Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure
CVE-2019-11539Known ransomware usePatch now
Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability
Affects anyone using Ivanti VPN (Connect Secure or Pulse) or Ivanti endpoint management. The VPN is what remote workers use to reach internal systems; the endpoint management tool typically has admin reach into every laptop — exploitation in either is high-impact.
Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.
Added to KEV Nov 3, 2021 · Ivanti Pulse Connect Secure and Pulse Policy Secure
CVE-2021-20021Known ransomware usePatch now
SonicWall Email Security Improper Privilege Management Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall Email Security contains an improper privilege management vulnerability that allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20022 and CVE-2021-20023 to achieve privilege escalation.
Added to KEV Nov 3, 2021 · SonicWall Email Security
CVE-2019-7481Known ransomware usePatch now
SonicWall SMA100 SQL Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SMA100 contains a SQL injection vulnerability allowing an unauthenticated user to gain read-only access to unauthorized resources.
Added to KEV Nov 3, 2021 · SonicWall SMA100
CVE-2021-20022Known ransomware usePatch now
SonicWall Email Security Unrestricted Upload of File Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall Email Security contains an unrestricted upload of file with dangerous type vulnerability that allows a post-authenticated attacker to upload a file to the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20023 to achieve privilege escalation.
Added to KEV Nov 3, 2021 · SonicWall Email Security
CVE-2021-20023Known ransomware usePatch now
SonicWall Email Security Path Traversal Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall Email Security contains a path traversal vulnerability that allows a post-authenticated attacker to read files on the remote host. This vulnerability has known usage in a SonicWall Email Security exploit chain along with CVE-2021-20021 and CVE-2021-20022 to achieve privilege escalation.
Added to KEV Nov 3, 2021 · SonicWall Email Security
CVE-2018-0171Patch this week
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.
Added to KEV Nov 3, 2021 · Cisco IOS and IOS XE
CVE-2020-3118Patch this week
Cisco IOS XR Software Discovery Protocol Format String Vulnerability
Affects anyone with Cisco networking or security appliances on their network — typically a firewall, switch, or remote-access VPN. That device controls traffic to and from every workstation; exploitation can mean an attacker pivots inside the network without touching any user device.
Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.
Added to KEV Nov 3, 2021 · Cisco IOS XR
CVE-2021-20016Known ransomware usePatch now
SonicWall SSLVPN SMA100 SQL Injection Vulnerability
Affects anyone whose network is fronted by a SonicWall firewall or SSL VPN. The device sits at the edge between your office and the internet and authenticates remote workers — exploitation typically means an attacker reaches inside without needing a user credential.
SonicWall SSLVPN SMA100 contains a SQL injection vulnerability that allows remote exploitation for credential access by an unauthenticated attacker.
Added to KEV Nov 3, 2021 · SonicWall SSLVPN SMA100