Cybersecurity Alerts

Actively Exploited Vulnerabilities

The vulnerabilities listed below are sourced from the CISA Known Exploited Vulnerabilities catalog and represent security flaws that are actively being exploited in the wild. This list is updated daily. If you are unsure whether your systems are affected, contact us and we will help you assess your exposure.

CVE-2020-29583
Zyxel | Multiple Products
Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability
Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnerability in an undocumented account ("zyfwp") with an unchangeable password.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-29557
D-Link | DIR-825 R1 Devices
D-Link DIR-825 R1 Devices Buffer Overflow Vulnerability
D-Link DIR-825 R1 devices contain a buffer overflow vulnerability in the web interface that may allow for remote code execution.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-27950
Apple | Multiple Products
Apple Multiple Products Memory Initialization Vulnerability
Apple iOS, iPadOS, macOS, and watchOS contain a memory initialization vulnerability that may allow a malicious application to disclose kernel memory.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-27932
Apple | Multiple Products
Apple Multiple Products Type Confusion Vulnerability
Apple iOS, iPadOS, macOS, and watchOS contain a type confusion vulnerability that may allow a malicious application to execute code with kernel privileges.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-27930
Apple | Multiple Products
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing maliciously crafted front.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-26919
NETGEAR | JGS516PE Devices
Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability
Netgear JGS516PE devices contain a missing function level access control vulnerability.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-2555
Oracle | Multiple Products
Oracle Multiple Products Remote Code Execution Vulnerability
Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-25506
D-Link | DNS-320 Device
D-Link DNS-320 Device Command Injection Vulnerability
D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-25213
WordPress | File Manager Plugin
WordPress File Manager Plugin Remote Code Execution Vulnerability
WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-24557
Trend Micro | Apex One, OfficeScan, and Worry-Free Business Security
Trend Micro Multiple Products Improper Access Control Vulnerability
Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function, and attain privilege escalation.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-17530
Apache | Struts
Apache Struts Remote Code Execution Vulnerability
Forced Object-Graph Navigation Language (OGNL) evaluation in Apache Struts, when evaluated on raw user input in tag attributes, can lead to remote code execution.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-17496
vBulletin | vBulletin
vBulletin PHP Module Remote Code Execution Vulnerability
The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. This CVE ID resolves an incomplete patch for CVE-2019-16759.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-17144
Microsoft | Exchange Server
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-17087
Microsoft | Windows
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-16846
SaltStack | Salt
SaltStack Salt Shell Injection Vulnerability
SaltStack Salt allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt API using the SSH client. This vulnerability affects any users running the Salt API.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-16017
Google | Chrome
Google Chrome Use-After-Free Vulnerability
Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-16013
Google | Chromium V8
Google Chromium V8 Incorrect Implementation Vulnerabililty
Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-16010
Google | Chrome for Android UI
Google Chrome for Android UI Heap Buffer Overflow Vulnerability
Google Chrome for Android UI contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-16009
Google | Chromium V8
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-15999
Google | Chrome FreeType
Google Chrome FreeType Heap Buffer Overflow Vulnerability
Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function Load_SBit_Png when processing PNG images embedded into fonts. This vulnerability is part of an exploit chain with CVE-2020-17087 on Windows and CVE-2020-16010 on Android.
Added 2021-11-03
Remediation Deadline 2021-11-17
CVE-2020-15505
Ivanti | MobileIron Multiple Products
Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability
Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-14883
Oracle | WebLogic Server
Oracle WebLogic Server Unspecified Vulnerability
Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentilaity, integrity, and availability.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-14882
Oracle | WebLogic Server
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-14871
Oracle | Solaris and Zettabyte File System (ZFS)
Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability
Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-14750
Oracle | WebLogic Server
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-1472Active Ransomware Campaign
Microsoft | Netlogon
Microsoft Netlogon Privilege Escalation Vulnerability
Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller. An attacker who successfully exploits the vulnerability could run a specially crafted application on a device on the network. The vulnerability is also known under the moniker of Zerologon.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-1464
Microsoft | Windows
Microsoft Windows Spoofing Vulnerability
Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-1380
Microsoft | Internet Explorer
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-1350
Microsoft | Windows
Microsoft Windows DNS Server Remote Code Execution Vulnerability
Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under the moniker of SIGRed.
Added 2021-11-03
Remediation Deadline 2022-05-03
CVE-2020-12812Active Ransomware Campaign
Fortinet | FortiOS
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username.
Added 2021-11-03
Remediation Deadline 2022-05-03