KEV 2015

Jenkins — Fingerprints Pages Expose Job and Build Names to Unauthenticated or Unauthorized Users, Enabling CI/CD Pipeline Enumeration

Intel IQVW32/IQVW64.sys — Signed Driver Vulnerability Exploited in BYOVD Attacks; Ransomware and APTs Load Driver to Disable Security Tools

Windows Win32k.sys — Kernel-Mode Driver Memory Corruption Enables Privilege Escalation; Patched MS15-061 (June 2015)

Internet Explorer — Memory Corruption via Crafted Web Page Enables RCE; July 2015 Patch Tuesday; Patched MS15-065

Mozilla Firefox / PDF.js — Same Origin Policy Bypass via PDF.js Zero-Day Actively Used to Steal Local Files; Emergency Firefox 39.0.3 (August 2015)

Adobe Flash Player — Integer Overflow Zero-Day Exploited During Holiday Period; Eighth and Final Flash Zero-Day of 2015; Emergency APSB15-32 (December 2015)

Windows TS WebProxy — TSWbPrxy Directory Traversal Enables Privilege Escalation in Terminal Services Web Access; Patched MS15-004

Adobe Flash Player — Memory Address Disclosure Bypasses ASLR; Used with CVE-2015-0311 in Angler Exploit Kit Drive-By Attacks; Patched APSB15-02

Windows / Office / .NET / Silverlight — TrueType Font Parsing RCE Affects Multiple Microsoft Components; Patched MS15-044

Microsoft Windows Kernel — Local Privilege Escalation to SYSTEM via Crafted Application; Patched MS15-135 (December 2015)

Internet Explorer — Zero-Day Memory Corruption Actively Exploited Before Patch; Emergency Out-of-Band Bulletin MS15-093 (August 2015)

Microsoft Office — Uninitialized Memory Corruption in Document Handling Enables Remote Code Execution; Patched MS15-059

Internet Explorer — JScript Engine Memory Corruption Enables RCE via Crafted Web Page; Patched MS15-065 (July 2015)

Windows ATMFD / OpenType — Hacking Team Zero-Day: Malformed OpenType Font in Document or Web Page Enables Kernel-Level RCE; Emergency Patch MS15-078

Microsoft PowerPoint — Memory Corruption in Presentation File Handling Enables RCE via Crafted Document; Patched MS15-070 (July 2015)

Windows Win32k.sys — Kernel Memory Corruption Enables Privilege Escalation to SYSTEM; Ransomware Use Confirmed; Patched MS15-097 (September 2015)

Microsoft Office — Memory Corruption in Document Processing Enables RCE via Crafted Document; Patched MS15-081 (August 2015)

Windows Win32k.sys — Zero-Day Kernel LPE Exploited by APT Before Patch; Used with IE RCE for Full-Chain Browser Compromise; Patched MS15-051

Windows ATMFD.DLL — Adobe Type Manager Font Driver Out-of-Bounds Write Enables Local Privilege Escalation; Hacking Team Context; Patched MS15-077

Microsoft Office — EPS Image Parser RCE via Crafted PostScript in Document; Exploited by Chinese-Nexus APTs; Microsoft Disabled EPS in Office 2017

Adobe Flash Player — Zero-Day Exploited by APT29 (Cozy Bear) in Targeted Attacks Against U.S. Government; Ransomware Use Confirmed; Emergency APSB15-27 (October 2015)

Cisco Prime DCNM — Unauthenticated fmserver Servlet Directory Traversal Allows Arbitrary File Read on Data Center Management Server; Fixed 7.1(1)

TP-Link Archer Routers — Unauthenticated Directory Traversal via login/ PATH_INFO Reads Arbitrary Files Including Device Credentials

Apple OS X — XPC Admin Framework Authentication Bypass Allows Local User to Gain Admin Privileges Without Password; Patched OS X 10.10.3

Microsoft Office — RTF File Memory Corruption Enables RCE via Malicious Document; Exploited by APTs Including Taidoor; Patched MS15-033