Soc Investigation keeps track of the ransomware that actively exploits the unpatched ( CVE’s ) and reports up-to-date. CVE’s for each year and ransomware abusing the unpatched vulnerabilities list below.
This page will be automatically updated with the latest ransomware CVEs and Vulnerabilities Abused by Ransomware Actors will be visible on SOC INVESTIGATION Top Menu Page .
CVE-2021-35211 SolarWinds Serv-U product Clop ransomware CVE-2021-34527 Windows Print Spooler Remote Code Execution Magniber Ransomware CVE-2021-42258 BillQuick Web Suite CVE-2021-22893 PulseSecure VPN CVE-2021-22941 Citrix CVE-2021-34523 Microsoft Exchange CVE-2021-34473 Microsoft Exchange CVE-2021-31207 Microsoft Exchange CVE-2021-26855 Microsoft Exchange CVE-2021-20016 SonicWall CVE-2021-22986 F5 CVE-2021-28799 QNAP CVE-2021-31166 Microsoft Windows CVE-2021-36942 Microsoft Windows CVE-2021-40444 Microsoft Office CVE-2021-21985 vCenter CVE-2021-27101 Accellion CVE-2021-27104 Accellion CVE-2021-27102 Accellion CVE-2021-27103 Accellion CVE-2021-20655 FileZen CVE-2021-26084 Atlassian CVE-2021-40539 Zoho corporation CVE-2021-30116 Kaseya REvil Ransomware
CVE-2020-8260 PulseSecure VPN CVE-2020-8243 PulseSecure VPN CVE-2020-8196 Citrix CVE-2020-8195 Citrix CVE-2020-12812 Fortinet CVE-2020-5135 SonicWall CVE-2020-5902 F5 CVE-2020-2021 Palo Alto CVE-2020-36198 QNAP CVE-2020-12271 Sophos CVE-2020-1472 Microsoft Windows Ryuk Ransomware
CVE-2019-11539 PulseSecure VPN Sekhmet, Mailto, Maze, Sodinokibi, Black Kingdom CVE-2019-11510 PulseSecure VPN Sodinokibi Ransomware CVE-2019-19781 Citrix Revil ransomware, Nefilim Ransomware CVE-2019-11634 Citrix Nefilim Ransomware CVE-2019-5591 Fortinet CVE-2019-7481 SonicWall Ransomware campaign CVE-2019-1579 Palo Alto CVE-2019-0604 SharePoint CVE-2019-0708 Microsoft Windows
CVE-2018-13379 Fortinet Cring Ransomware, Sodinokibi Ransomware
CVE-2017-0199 Microsoft Office CVE-2017-11882 Microsoft Office CVE-2017-0144 Microsoft Windows Wannacry, Petya ransomware
CVE-2016-1019 Adobe Flash Player 21.0.0.197 locky ransomware
CVE-2015-1701 Microsoft Windows locky ransomware
Blank fields say that could be multiple ransomware groups involved. If you know the ransomware name for the Listed CVE or NEW CVE. Please comment below.
