_2018 - RunkIntel

# Vulnerabilidades - 2018 Ano marcado pela exploração massiva de VPNs e appliances de rede. CVE-2018-13379 (FortiOS SSL VPN) tornou-se vetor favorito de ransomware, enquanto CVE-2018-0171 (Cisco Smart Install) foi explorado em ataques à infraestrutura. Flash Player e Adobe Acrobat também continuaram como alvos de zero-days. --- ## CVEs Documentados %% ```dataview TABLE WITHOUT ID cve-id AS "CVE", cvss-score AS "CVSS", vendor AS "Fornecedor", product AS "Produto" FROM "vulnerabilities/2018" SORT cvss-score DESC ``` %%   | CVE | CVSS | Fornecedor | Produto | | ---------------------------------------------------------- | ---- | ---------- | ------------------------------------------- | | [[cve-2018-0150\|CVE-2018-0150]] | 9.8 | Cisco | Cisco IOS XE | | [[cve-2018-0171\|CVE-2018-0171]] | 9.8 | Cisco | IOS / IOS XE (Smart Install) | | [[cve-2018-13379\|CVE-2018-13379]] | 9.8 | Fortinet | FortiOS SSL VPN | | [[cve-2018-4878\|CVE-2018-4878]] | 9.8 | Adobe | Flash Player | | [[cve-2018-0798\|CVE-2018-0798]] | 8.8 | Microsoft | Microsoft Office (Equation Editor) | | [[cve-2018-20250\|CVE-2018-20250]] | 8.8 | RARLAB | WinRAR | | [[cve-2018-4877\|CVE-2018-4877]] | 8.8 | Adobe | Adobe Flash Player | | [[cve-2018-4990\|CVE-2018-4990]] | 8.8 | Adobe | Acrobat DC / Acrobat Reader DC | | [[cve-2018-0802\|CVE-2018-0802]] | 7.8 | Microsoft | Microsoft Office (Equation Editor) | | [[cve-2018-14634\|CVE-2018-14634]] | 7.8 | Linux | Kernel Linux | | [[cve-2018-4063\|CVE-2018-4063]] | 7.8 | Cisco | Wireless LAN Controller | | [[cve-2018-8174\|CVE-2018-8174]] | 7.5 | Microsoft | Windows VBScript Engine (Internet Explorer) | | [[vulnerabilities/2018/_2018.md\|_2018]] | \- | \- | \- |