Latest Ransomware CVEs – Vulnerabilities Abused by Ransomware Actors

By
BalaGanesh
-
0

Soc Investigation keeps track of the ransomware that actively exploits the unpatched ( CVE’s ) and reports up-to-date. CVE’s for each year and ransomware abusing the unpatched vulnerabilities list below.

This page will be automatically updated with the latest ransomware CVEs and Vulnerabilities Abused by Ransomware Actors will be visible on SOC INVESTIGATION Top Menu Page.

Year -2021
Product Name
Ransomware Group
CVE-2021-35211SolarWinds Serv-U product Clop ransomware
CVE-2021-34527Windows Print Spooler Remote Code Execution Magniber Ransomware
CVE-2021-42258BillQuick Web Suite
CVE-2021-22893PulseSecure VPN
CVE-2021-22941Citrix
CVE-2021-34523Microsoft Exchange
CVE-2021-34473Microsoft Exchange
CVE-2021-31207Microsoft Exchange
CVE-2021-26855Microsoft Exchange
CVE-2021-20016SonicWall
CVE-2021-22986F5
CVE-2021-28799QNAP
CVE-2021-31166Microsoft Windows
CVE-2021-36942Microsoft Windows
CVE-2021-40444Microsoft Office
CVE-2021-21985vCenter
CVE-2021-27101Accellion
CVE-2021-27104Accellion
CVE-2021-27102Accellion
CVE-2021-27103Accellion
CVE-2021-20655FileZen
CVE-2021-26084Atlassian
CVE-2021-40539Zoho corporation
CVE-2021-30116KaseyaREvil Ransomware
Year -2020
Product Name
Ransomware Group
CVE-2020-8260PulseSecure VPN
CVE-2020-8243PulseSecure VPN
CVE-2020-8196Citrix
CVE-2020-8195Citrix
CVE-2020-12812Fortinet
CVE-2020-5135SonicWall
CVE-2020-5902F5
CVE-2020-2021Palo Alto
CVE-2020-36198QNAP
CVE-2020-12271Sophos
CVE-2020-1472Microsoft WindowsRyuk Ransomware
Year -2019
Product Name
Ransomware Group
CVE-2019-11539PulseSecure VPNSekhmet, Mailto, Maze, Sodinokibi, Black Kingdom
CVE-2019-11510PulseSecure VPN Sodinokibi Ransomware
CVE-2019-19781CitrixRevil ransomware, Nefilim Ransomware
CVE-2019-11634Citrix Nefilim Ransomware
CVE-2019-5591Fortinet
CVE-2019-7481SonicWallRansomware campaign
CVE-2019-1579Palo Alto
CVE-2019-0604SharePoint
CVE-2019-0708Microsoft Windows
Year -2018
Product Name
Ransomware Group
CVE-2018-13379FortinetCring Ransomware, Sodinokibi Ransomware
Year -2017
Product Name
Ransomware Group
CVE-2017-0199Microsoft Office
CVE-2017-11882Microsoft Office
CVE-2017-0144Microsoft WindowsWannacry, Petya ransomware
Year -2016
Product Name
Ransomware Group
CVE-2016-1019Adobe Flash Player 21.0.0.197locky ransomware
Year -2015
Product Name
Ransomware Group
CVE-2015-1701Microsoft Windowslocky ransomware

Blank fields say that could be multiple ransomware groups involved. If you know the ransomware name for the Listed CVE or NEW CVE. Please comment below.

Previous articleTypes of SPLUNK Deployments and Configuration
Next articleThreat Hunting Using Windows Scheduled task
BalaGanesh
BalaGanesh
https://www.socinvestigation.com
Balaganesh is a Incident Responder. Certified Ethical Hacker, Penetration Tester, Security blogger, Founder & Author of Soc Investigation.

LEAVE A REPLY

Please enter your comment!
Please enter your name here