Government cyber security agencies in Australia, the U.K., and the U.S. issued a joint advisory on Wednesday detailing the most exploited vulnerabilities in 2020 and 2021, once again demonstrating how quickly threat actors weaponize publicly disclosed flaws.
“Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations worldwide,” the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) noted.
The top vulnerabilities, drawn from reports by CERT/CC (the Computer Emergency Response Team Coordination Center), researchers at the U.S. National Institute of Standards and Technology, and others, are grouped into four risk tiers: high risk, medium risk, low risk, and a special “unknown” tier for vulnerabilities with unusual exploitation characteristics.
Below are the routinely most exploited flaws in 2020:
1. Citrix Application Delivery Controller (ADC) and Gateway directory traversal vulnerability – CVE-2019-19781 (CVSS score: 9.8)
2. Pulse Connect Secure arbitrary file reading vulnerability – CVE-2019-11510 (CVSS score: 10.0)
3. Fortinet FortiOS path traversal vulnerability leading to system file leak – CVE-2018-13379 (CVSS score: 9.8)
4. F5 BIG-IP remote code execution vulnerability – CVE-2020-5902 (CVSS score: 9.8)
5. MobileIron Core & Connector remote code execution vulnerability – CVE-2020-15505 (CVSS score: 9.8)
6. Microsoft Exchange memory corruption vulnerability – CVE-2020-0688 (CVSS score: 8.8)
7. Atlassian Confluence Server remote code execution vulnerability – CVE-2019-3396 (CVSS score: 9.8)
8. Microsoft Office memory corruption vulnerability – CVE-2017-11882 (CVSS score: 7.8)
9. Atlassian Crowd and Crowd Data Center remote code execution vulnerability – CVE-2019-11580 (CVSS score: 9.8)
10. Drupal remote code execution vulnerability – CVE-2018-7600 (CVSS score: 9.8)
11. Telerik .NET deserialization vulnerability resulting in remote code execution – CVE-2019-18935 (CVSS score: 9.8)
12. Microsoft SharePoint remote code execution vulnerability – CVE-2019-0604 (CVSS score: 9.8)
13. Windows Background Intelligent Transfer Service (BITS) elevation of privilege vulnerability – CVE-2020-0787 (CVSS score: 7.8)
14. Windows Netlogon elevation of privilege vulnerability – CVE-2020-1472 (CVSS score: 10.0)
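Several of the entries above (Citrix ADC/Gateway, Pulse Connect Secure, FortiOS) are path or directory traversal bugs on internet-facing edge devices, and the same generic check catches the request shape of all of them in web-server access logs. The Python script below is an added example and is not part of the advisory or of this article: it percent-decodes each request path repeatedly (so double encoding does not hide a `..`), splits the path into segments, and distinguishes three patterns that a practitioner should treat differently: a path that climbs above the document root, a traversal placed inside a query parameter, and a sideways hop such as `/a/../b/` that never leaves the root but lands in a directory that a prefix-based access rule would have blocked. The log lines are constructed for this example; the request paths are modeled on publicly reported traversal requests but are illustrative only, not vendor detection signatures. Function names are the example author's own.

```python
"""Flag traversal-shaped HTTP requests in Apache/nginx-style access logs.

Added example (not from the advisory). Handles percent-encoding, double
encoding, backslash separators, traversal in the query string, and the
'sideways hop' (/a/../b/) that stays under the web root.
"""
import re
from urllib.parse import unquote

# Constructed sample access-log lines for this example. The traversal requests
# are modeled on publicly reported request shapes, but are illustrative only.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jul/2021:10:01:02 +0000] "GET /vpn/index.html HTTP/1.1" 200 512
10.0.0.5 - - [12/Jul/2021:10:01:03 +0000] "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1" 200 1320
198.51.100.7 - - [12/Jul/2021:10:02:10 +0000] "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 200 9001
203.0.113.9 - - [12/Jul/2021:10:03:00 +0000] "GET /dana-na/%2e%2e/dana/html5acc/guacamole/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd?/dana/html5acc/guacamole/ HTTP/1.1" 200 2048
203.0.113.9 - - [12/Jul/2021:10:03:01 +0000] "GET /images/%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 404 150
10.0.0.8 - - [12/Jul/2021:10:04:00 +0000] "POST /api/v1/login HTTP/1.1" 200 80
"""

# Common log format: client, ident, user, [timestamp], "METHOD target proto", status, size
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+)'
)


def decode_fully(s, max_rounds=3):
    """Percent-decode until the string stops changing (catches %252e -> %2e -> .)."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def analyze_target(target):
    """Inspect one request target (path plus optional query string).

    Returns a dict describing where '..' segments appear and whether the path,
    after decoding, ever climbs above the document root.
    """
    path, _, query = target.partition("?")
    decoded_path = decode_fully(path)
    # Treat both '/' and '\\' as separators; drop empty and '.' segments.
    segments = [s for s in re.split(r"[\\/]+", decoded_path) if s not in ("", ".")]
    depth = min_depth = 0
    for seg in segments:
        depth += -1 if seg == ".." else 1
        min_depth = min(min_depth, depth)
    query_segments = re.split(r"[\\/]+", decode_fully(query))
    return {
        "raw": target,
        "decoded_path": decoded_path,
        "dotdot_segments": sum(1 for s in segments if s == ".."),
        "escapes_root": min_depth < 0,
        "query_traversal": ".." in query_segments,
        "was_encoded": decoded_path != path,
    }


def classify(target):
    """Map a request target to one of four verdicts.

    'traversal-escape'       : decoded path climbs above the document root
    'traversal-in-parameter' : '..' segments inside a query parameter value
    'traversal-sideways'     : '..' present but never above root (prefix-ACL bypass shape)
    'clean'                  : no '..' segment anywhere after decoding
    """
    info = analyze_target(target)
    if info["escapes_root"]:
        return "traversal-escape"
    if info["query_traversal"]:
        return "traversal-in-parameter"
    if info["dotdot_segments"]:
        return "traversal-sideways"
    return "clean"


def scan_log(text):
    """Return one record per non-clean request; unparseable lines are skipped."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        verdict = classify(m.group("target"))
        if verdict != "clean":
            hits.append({
                "src": m.group("src"),
                "method": m.group("method"),
                "target": m.group("target"),
                "status": m.group("status"),
                "verdict": verdict,
            })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f'{hit["src"]:<14} {hit["verdict"]:<24} {hit["status"]} {hit["target"]}')
```

The sideways case matters most: a rule that only alerts when the normalized path leaves the web root never fires on `/vpn/../vpns/...`, yet that is exactly the shape that slips past a prefix-keyed access control. Legitimate browsers and API clients send already-normalized paths, so any `..` segment, encoded or not, in the raw request is worth a ticket regardless of where it resolves. A 200 response on such a request is the line to escalate first.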
The vulnerabilities that have come under attack so far in 2021 are as follows:
1. Microsoft Exchange Server: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 (aka “ProxyLogon”)
2. Pulse Secure: CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, and CVE-2021-22900
3. Accellion: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, and CVE-2021-27104
4. VMware: CVE-2021-21985
5. Fortinet: CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591
Interested in reading more about vulnerabilities and where they exist? Guide to Mitigate Cloud Vulnerabilities discusses how to reduce vulnerabilities in the cloud.