Intelligence agencies in Australia, the U.K., and the U.S. issued a joint advisory on Wednesday detailing the most exploited vulnerabilities in 2020 and 2021, once again demonstrating how quickly threat actors weaponize publicly disclosed flaws to their advantage.
“Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations worldwide,” the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) noted.
“However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their systems and implementing a centralized patch management system.”
The top 30 vulnerabilities span a wide range of software, including remote work, virtual private network (VPN), and cloud-based technologies, covering a broad spectrum of products from Microsoft, VMware, Pulse Secure, Fortinet, Accellion, Citrix, F5 BIG-IP, Atlassian, and Drupal.
The most routinely exploited flaws in 2020 are as follows –
- CVE-2019-19781 (CVSS score: 9.8) – Citrix Application Delivery Controller (ADC) and Gateway directory traversal vulnerability
- CVE-2019-11510 (CVSS score: 10.0) – Pulse Connect Secure arbitrary file reading vulnerability
- CVE-2018-13379 (CVSS score: 9.8) – Fortinet FortiOS path traversal vulnerability leading to system file leak
- CVE-2020-5902 (CVSS score: 9.8) – F5 BIG-IP remote code execution vulnerability
- CVE-2020-15505 (CVSS score: 9.8) – MobileIron Core & Connector remote code execution vulnerability
- CVE-2020-0688 (CVSS score: 8.8) – Microsoft Exchange memory corruption vulnerability
- CVE-2019-3396 (CVSS score: 9.8) – Atlassian Confluence Server remote code execution vulnerability
- CVE-2017-11882 (CVSS score: 7.8) – Microsoft Office memory corruption vulnerability
- CVE-2019-11580 (CVSS score: 9.8) – Atlassian Crowd and Crowd Data Center remote code execution vulnerability
- CVE-2018-7600 (CVSS score: 9.8) – Drupal remote code execution vulnerability
- CVE-2019-18935 (CVSS score: 9.8) – Telerik .NET deserialization vulnerability resulting in remote code execution
- CVE-2019-0604 (CVSS score: 9.8) – Microsoft SharePoint remote code execution vulnerability
- CVE-2020-0787 (CVSS score: 7.8) – Windows Background Intelligent Transfer Service (BITS) elevation of privilege vulnerability
- CVE-2020-1472 (CVSS score: 10.0) – Windows Netlogon elevation of privilege vulnerability
The vulnerabilities that have come under active attack so far in 2021 are listed below –
- Microsoft Exchange Server: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 (aka “ProxyLogon”)
- Pulse Secure: CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, and CVE-2021-22900
- Accellion: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, and CVE-2021-27104
- VMware: CVE-2021-21985
- Fortinet: CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591
The development also comes a week after MITRE published a list of the top 25 “most dangerous” software errors that could lead to critical vulnerabilities exploitable by an adversary to take control of an affected system, obtain sensitive information, or cause a denial-of-service condition.
“The advisory […] puts the power in each organisation’s hands to fix the most common vulnerabilities, such as unpatched VPN gateway devices,” NCSC Director for Operations, Paul Chichester, said, while urging the need to prioritize patching to reduce the risk of being exploited by malicious actors.