Top 30 Critical Security Vulnerabilities Most Exploited by Hackers


Intelligence agencies in Australia, the U.K., and the U.S. issued a joint advisory on Wednesday detailing the most exploited vulnerabilities in 2020 and 2021, once again demonstrating how threat actors are able to weaponize publicly disclosed flaws to their advantage swiftly.

"Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations worldwide," the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom's National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) noted.

"However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their systems and implementing a centralized patch management system."


The top 30 vulnerabilities span a wide range of software, including remote work, virtual private network (VPN), and cloud-based technologies, and cover products from Microsoft, VMware, Pulse Secure, Fortinet, Accellion, Citrix, F5 BIG-IP, Atlassian, and Drupal.

The most routinely exploited flaws in 2020 are as follows:

CVE-2019-19781 (CVSS score: 9.8) - Citrix Application Delivery Controller (ADC) and Gateway directory traversal vulnerability
CVE-2019-11510 (CVSS score: 10.0) - Pulse Connect Secure arbitrary file reading vulnerability
CVE-2018-13379 (CVSS score: 9.8) - Fortinet FortiOS path traversal vulnerability leading to system file leak
CVE-2020-5902 (CVSS score: 9.8) - F5 BIG-IP remote code execution vulnerability
CVE-2020-15505 (CVSS score: 9.8) - MobileIron Core & Connector remote code execution vulnerability
CVE-2020-0688 (CVSS score: 8.8) - Microsoft Exchange memory corruption vulnerability
CVE-2019-3396 (CVSS score: 9.8) - Atlassian Confluence Server remote code execution vulnerability
CVE-2017-11882 (CVSS score: 7.8) - Microsoft Office memory corruption vulnerability
CVE-2019-11580 (CVSS score: 9.8) - Atlassian Crowd and Crowd Data Center remote code execution vulnerability
CVE-2018-7600 (CVSS score: 9.8) - Drupal remote code execution vulnerability
CVE-2019-18935 (CVSS score: 9.8) - Telerik .NET deserialization vulnerability resulting in remote code execution
CVE-2019-0604 (CVSS score: 9.8) - Microsoft SharePoint remote code execution vulnerability
CVE-2020-0787 (CVSS score: 7.8) - Windows Background Intelligent Transfer Service (BITS) elevation of privilege vulnerability
CVE-2020-1472 (CVSS score: 10.0) - Windows Netlogon elevation of privilege vulnerability

The vulnerabilities that have come under active attack so far in 2021 are listed below:

Microsoft Exchange Server: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 (aka "ProxyLogon")
Pulse Secure: CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, and CVE-2021-22900
Accellion: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, and CVE-2021-27104
VMware: CVE-2021-21985
Fortinet: CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591

The development also comes a week after MITRE published its list of the top 25 "most dangerous" software errors that could lead to serious vulnerabilities, which an adversary could exploit to take control of an affected system, obtain sensitive information, or cause a denial-of-service condition.

"The advisory [...] puts the power in every organisation's hands to fix the most common vulnerabilities, such as unpatched VPN gateway devices," NCSC Director for Operations, Paul Chichester, said, while urging organizations to prioritize patching to minimize the risk of being exploited by malicious actors.
