Arsenal Exploits TTP Matrix KillChain Mapa Actores SSLBL RansomLook Ransomwhere Alertas CyberNews

Known Exploits

56 CVEs · 33 críticos · 13 altos · CVSS promedio: 8.7

CRITICAL 33HIGH 13MEDIUM 8UNKNOWN 2

CVE	Vendor	Producto	CVSS	Severidad	Grupo
CVE-2024-3400	Palo Alto Networks	PAN-OS (Edge Firewalls)	10	CRITICAL	0apt
CVE-2024-1709 & CVE-2024-1709	ConnectWise	ScreenConnect	10	CRITICAL	blackbasta
CVE-2021-44228 ("Log4Shell")	Apache	Log4j	10	CRITICAL	lockbit
CVE-2023-46604	Apache	ActiveMQ	10	CRITICAL	ransomhub
CVE-2025-61882	Oracle	Oracle E-Business Suite (EBS)	9.8	CRITICAL	0apt
CVE-2022-40684	Fortinet	FortiOS	9.8	CRITICAL	akira
CVE-2023-48788	Fortinet	FortiClient	9.8	CRITICAL	akira
CVE-2024-40766	SonicWall	SonicOS SSL-VPN	9.8	CRITICAL	akira
CVE-2024-40711	Veeam	Backup & Replication	9.8	CRITICAL	akira
CVE-2021-21972	VMware	vSphere Client	9.8	CRITICAL	akira
CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104	Accellion	Accellion File Transfer Appliance	9.8	CRITICAL	clop
CVE-2024-55956	Cleo	Cleo VLTrader, Harmony, LexiCom	9.8	CRITICAL	clop
CVE-2025-61882	Oracle	E-Business	9.8	CRITICAL	clop
CVE-2023-34362	Progress Software	MOVEit	9.8	CRITICAL	clop
CVE-2023-27350 & CVE-2023-27351	PaperCut	PaperCut Application Server	9.8	CRITICAL	clop
CVE-2021-22986	F5	iControl REST	9.8	CRITICAL	lockbit
CVE-2019-0708 ("BlueKeep")	Windows	Remote Desktop Services	9.8	CRITICAL	lockbit
CVE-2023-22515	Atlassian	Confluence Data Center & Server	9.8	CRITICAL	ransomhub
CVE-2023-3519	Citrix	NetScaler ADC & Gateway	9.8	CRITICAL	ransomhub
CVE-2023-27997	Fortinet	FortiOS SSL-VPN & FortiProxy	9.8	CRITICAL	ransomhub
CVE-2023-48788	Fortinet	FortiClientEMS	9.8	CRITICAL	ransomhub
CVE-2023-46747	F5	BIG-IP	9.8	CRITICAL	ransomhub
CVE-2025-61882	Oracle	Oracle E-Business Suite (EBS)	9.8	CRITICAL	shinyhunters
CVE-2025-61882	Oracle	Oracle E-Business Suite (EBS)	9.8	CRITICAL	sinobi
CVE-2024-53704	SonicWall	SonicWall SSL VPN	9.8	CRITICAL	sinobi
CVE-2024-40766	SonicWall	SonicWall SonicOS	9.8	CRITICAL	sinobi
CVE-2025-43995	DSM	DSM Data Collector	9.8	CRITICAL	tengu
CVE-2025-55754	Other	Console (ANSI Injection)	9.6	CRITICAL	tengu
CVE-2023-4966 ("Citrixbleed")	Citrix	NetScaler ADC & Gateway	9.4	CRITICAL	lockbit
CVE-2024-21887	Ivanti	VPN Appliance	9.1	CRITICAL	0apt
CVE-2018-13379	Fortinet	FortiOS	9.1	CRITICAL	lockbit
CVE-2025-22457	Ivanti	Ivanti ICS	9	CRITICAL	0apt
CVE-2021-35211	SolarWinds	SolarWinds Serv-U FTP	9	CRITICAL	clop
CVE-2021-1675 & CVE-2021-34527 ("PrintNightmare")	Windows	Print Spooler	8.8	HIGH	blackbasta
CVE-2017-0144 ("EternalBlue")	Windows	SMBv1	8.8	HIGH	ransomhub
CVE-2026-20045	Cisco	Cisco Unified Communications	8.2	HIGH	shinyhunters
CVE-2024-26169	Windows	Windows Error Reporting Service	7.8	HIGH	blackbasta
CVE-2022-30190 ("Follina")	Windows	MSDT	7.8	HIGH	blackbasta
CVE-2020-0787	Windows	BITS	7.8	HIGH	ransomhub
CVE-2020-3259	Cisco	ASA & FTD	7.5	HIGH	akira
CVE-2023-27532	Veeam	Backup & Replication	7.5	HIGH	akira
CVE-2021-42278 & CVE-2021-42287 ("NoPac")	Windows	Active Directory	7.5	HIGH	blackbasta
CVE-2024-57727	SimpleHelp	SimpleHelp RMM	7.5	HIGH	medusa
CVE-2024-38178	Microsoft	Windows Scripting Engine	7.5	HIGH	tengu
CVE-2023-0669	Fortra	GoAnywhere Managed File Transfer	7.2	HIGH	clop
CVE-2023-0669	Fortra	GoAnywhere Managed File Transfer	7.2	HIGH	lockbit
CVE-2024-37085 ("ESX Admins")	VMware	ESXi	6.8	MEDIUM	akira
CVE-2024-37085 ("ESX Admins")	VMware	ESXi	6.8	MEDIUM	blackbasta
CVE-2019-6693	Fortinet	FortiOS	6.5	MEDIUM	akira
CVE-2020-1472 ("ZeroLogon")	Windows	NetLogon	5.5	MEDIUM	blackbasta
CVE-2020-1472 ("ZeroLogon")	Windows	NetLogon	5.5	MEDIUM	lockbit
CVE-2020-1472 ("ZeroLogon")	Windows	NetLogon	5.5	MEDIUM	ransomhub
CVE-2023-20269	Cisco	ASA & FTD	5	MEDIUM	akira
CVE-2023-20263	Cisco	ASA & FTD	4.7	MEDIUM	akira
CVE-2023–27350 & CVE-2023–27351	PaperCut	PaperCut Application Server	0	UNKNOWN	lockbit
OAuth Abuse	Snowflake	Snowflake (credential stuffing / no MFA)	0	UNKNOWN	shinyhunters