- Virtual Private Networks (VPNs), Firewalls, Routers, Switches, Load Balancers, Connection Gateways
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| Pulse Connect Secure | CVE-2024-21887 | Pioneer Kitten+ | cisa.gov |
| Ivanti MobileIron | CVE-2023-38035 | Cactus | bitdefender.com |
| Ivanti EPM Cloud Services Appliance (CSA) | CVE-2021-44529 | BlackCat | crowdstrike.com |
| Pulse Connect Secure & Pulse Policy Secure | CVE-2019-11539 | Pioneer Kitten+, REvil | cisa.gov / sentinelone.com |
| Pulse Connect Secure | CVE-2019-11510 | REvil, Pioneer Kitten+ | tenable.com / cisa.gov |
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| FortiOS SSL-VPN & FortiProxy | CVE-2023-27997 | RansomHub | cisa.gov |
| FortiClientEMS | CVE-2023-48788 | RansomHub | cisa.gov |
| FortiOS SSL-VPN | CVE-2022-42475 | CosmicBeetle* | welivesecurity.com |
| FortiOS | CVE-2022-40684 | Akira | stairwell.com |
| FortiOS SSL VPN | CVE-2020-12812 | Hive, PLAY | cisa.gov / cisa.gov |
| FortiOS | CVE-2019-6693 | Akira | stairwell.com |
| FortiOS | CVE-2019-5591 | Nemesis Kitten+ | secureworks.com |
| FortiOS | CVE-2018-13379 | Conti, LockBit, PLAY, REvil | tenable.com / cisa.gov / cisa.gov / trendmicro.com |
| FortiOS | CVE-2018-13374 | Conti | tenable.com |
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| BIG-IP | CVE-2023-46747 | RansomHub | cisa.gov |
| BIG-IP | CVE-2022-1388 | Pioneer Kitten+ | cisa.gov |
| iControl REST | CVE-2021-22986 | LockBit | cisa.gov |
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| PAN-OS Firewall | CVE-2024-3400 | Pioneer Kitten+ | cisa.gov |
| GlobalProtect Portal & Gateway Interface | CVE-2019-1579 | DarkSide | acronis.com |
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| XG Firewall | CVE-2020-12271 | Ragnarok | news.sophos.com |
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| SonicOS SSL-VPN | CVE-2024-40766 | Akira, Fog | arcticwolf.com / arcticwolf.com |
| SMA 100 | CVE-2021-20016, CVE-2021-20021, CVE-2021-20022, CVE-2021-20023 | FiveHands, HelloKitty | cloud.google.com / ic3.gov |
| SonicOS SSL-VPN | CVE-2020-5135 | Babuk | coveware.com |
| SMA 100 | CVE-2019-7481 | HelloKitty, BlackCat | bleepingcomputer.com / blackberry.com |
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| ASA & FTD | CVE-2023-20269 | Akira | cisco.com |
| ASA & FTD | CVE-2020-3259 | Akira | cisa.gov |
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| Security Gateway | CVE-2024-24919 | Pioneer Kitten+ | cisa.gov |
| Product | CVE(s) | Ransomware Group(s) | Source(s) |
|---|---|---|---|
| Zyxel Firewall | CVE-2024-42057, CVE-2024-11667 | Helldown | blog.sekoia.io |