The joint report presents the most exploited vulnerabilities in 2020-2021.
The cybersecurity agencies of Australia, the United States and the United Kingdom have published a joint report that lists the most exploited vulnerabilities in 2020-2021.
The listed vulnerabilities affect a wide range of products, from VPN installations and network gateways to mail servers, corporate applications and desktop software connected to the Network. However, the main goal of the report was to show that cybercriminals are most often exploiting new vulnerabilities.
The list is not presented in the form of a rating by the level of severity of vulnerabilities, but is divided into two parts. The first part includes the vulnerabilities most often exploited in 2020:
CVE-2019-19781 – Directory Traversal in Citrix Netscaler;
CVE-2019-11510 – Unauthorized disclosure of arbitrary files on Pulse Secure Connect VPN.
CVE-2018-13379 – Unauthorized directory traversal in Fortinet FortioOS Secure Socket Layer VPN;
CVE-2020-5902 – Remote Code Execution in the F5 Big IP Traffic Management User Interface.
CVE-2020-15505 – MobileIron Core & Connector Remote Code Execution;
CVE-2020-0688 – Memory Corruption / Remote Code Execution in Microsoft Exchange.
CVE-2019-3396 – Atlassian Confluence Server Widget Connector Remote Code Execution
CVE-2017-11882 – Memory Corruption / Remote Code Execution in Microsoft Office.
CVE-2019-11580 – Remote Code Execution in Atlassian Crowd and Crowd Data Center;
CVE-2018-7600 – Remote Code Execution in Drupal Core Multiple;
CVE-2019-18935 – Insecure Telerik UI Deserialization for ASP.NET AJAX
CVE-2019-0604 – Remote Code Execution in Microsoft SharePoint.
CVE-2020-0787 – Windows Background Intelligent Transfer Service Privilege Escalation ;
CVE-2020-1472 – Windows Netlogon Privilege Escalation .
The second part of the list presents the vulnerabilities most often exploited in 2021, grouped by manufacturer:
Microsoft Exchange: CVE-2021-26855 , CVE-2021-26857 , CVE-2021-26858 and CVE-2021-27065 ;
Pulse Secure: CVE-2021-22893 , CVE-2021-22894 , CVE-2021-22899 and CVE-2021-22900 ;
Accellion: CVE-2021-27101 , CVE-2021-27102, CVE-2021-27103 , CVE-2021-27104 ;
VMware: CVE-2021-21985 ;
Fortinet: CVE-2018-13379 , CVE-2020-12812, and CVE-2019-5591 .
While it is nearly impossible to categorize vulnerabilities based on their popularity among attackers and the number of attacks, the report hopes that these two lists will encourage private companies and government agencies to pay attention to these problems, audit their networks and install appropriate updates if vulnerable devices are found.
Catch up on more stories here
Follow us on Facebook here