Skip to content

Commit

Permalink
Update KEV: Wed Jan 15 00:11:01 UTC 2025
Browse files Browse the repository at this point in the history 
Signed-off-by: AboutCode Automation <[email protected]>
  • Loading branch information
AboutCode Automation committed Jan 15, 2025
1 parent c473615 commit 2e2c4e5
Showing 1 changed file with 93 additions and 3 deletions.
96 changes: 93 additions & 3 deletions known_exploited_vulnerabilities.json
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,99 @@
{
"title": "CISA Catalog of Known Exploited Vulnerabilities",
"catalogVersion": "2025.01.08",
"dateReleased": "2025-01-08T23:14:48.1212Z",
"count": 1243,
"catalogVersion": "2025.01.14",
"dateReleased": "2025-01-14T19:09:06.4021Z",
"count": 1249,
"vulnerabilities": [
{
"cveID": "CVE-2025-21335",
"vendorProject": "Microsoft",
"product": "Windows",
"vulnerabilityName": "Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability",
"dateAdded": "2025-01-14",
"shortDescription": "Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"dueDate": "2025-02-04",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-21335 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-21335",
"cwes": [
"CWE-416"
]
},
{
"cveID": "CVE-2025-21334",
"vendorProject": "Microsoft",
"product": "Windows",
"vulnerabilityName": "Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability",
"dateAdded": "2025-01-14",
"shortDescription": "Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"dueDate": "2025-02-04",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-21334 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-21334",
"cwes": [
"CWE-416"
]
},
{
"cveID": "CVE-2025-21333",
"vendorProject": "Microsoft",
"product": "Windows",
"vulnerabilityName": "Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability",
"dateAdded": "2025-01-14",
"shortDescription": "Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges.",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"dueDate": "2025-02-04",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-21333 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-21333",
"cwes": [
"CWE-122"
]
},
{
"cveID": "CVE-2024-55591",
"vendorProject": "Fortinet",
"product": "FortiOS",
"vulnerabilityName": "Fortinet FortiOS Authorization Bypass Vulnerability",
"dateAdded": "2025-01-14",
"shortDescription": "Fortinet FortiOS contains an authorization bypass vulnerability that may allow an unauthenticated remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"dueDate": "2025-01-21",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https:\/\/fortiguard.fortinet.com\/psirt\/FG-IR-24-535 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-55591",
"cwes": [
"CWE-288"
]
},
{
"cveID": "CVE-2023-48365",
"vendorProject": "Qlik",
"product": "Sense",
"vulnerabilityName": "Qlik Sense HTTP Tunneling Vulnerability",
"dateAdded": "2025-01-13",
"shortDescription": "Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"dueDate": "2025-02-03",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https:\/\/community.qlik.com\/t5\/Official-Support-Articles\/Critical-Security-fixes-for-Qlik-Sense-Enterprise-for-Windows\/tac-p\/2120510 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-48365",
"cwes": [
"CWE-444"
]
},
{
"cveID": "CVE-2024-12686",
"vendorProject": "BeyondTrust",
"product": "Privileged Remote Access (PRA) and Remote Support (RS)",
"vulnerabilityName": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability",
"dateAdded": "2025-01-13",
"shortDescription": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execute underlying operating system commands within the context of the site user.",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"dueDate": "2025-02-03",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https:\/\/www.beyondtrust.com\/trust-center\/security-advisories\/bt24-11 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-12686",
"cwes": [
"CWE-78"
]
},
{
"cveID": "CVE-2025-0282",
"vendorProject": "Ivanti",
Expand Down

0 comments on commit 2e2c4e5

Please sign in to comment.