'Top 30 vulnerabilities exploited in 2020 and 2021' announced by cyber security authorities in the United States, United Kingdom and Australia such as the FBI

On July 28, 2021, cybersecurity authorities in the United States, United Kingdom, and Australia, such as the Federal Bureau of Investigation (FBI), released the most exploited vulnerabilities in 2020 and 2021 against these vulnerabilities. He called for patching and special caution.

Top Routinely Exploited Vulnerabilities | CISA

US, UK, Australia issue joint advisory on today's top exploited vulnerabilities --The Record by Recorded Future

The US FBI and the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security, the National Cyber Security Center (NCSC) of the United Kingdom, and the Australian Cybersecurity Center (ACSC) announced on July 28, 'Daily The top 30 vulnerabilities that are exploited are summarized and announced as 'Alert (AA21-209A)', which is a joint recommendation calling for caution from related organizations.

◆ 2020
The 14 most exploited vulnerabilities published by the FBI in 2020 are:

Common Vulnerabilities and Exposures vendor type
CVE-2019-19781 Citrix Arbitrary code execution
CVE-2019-11510 Pulse Read any file
CVE-2018-13379 Fortinet Past traversal
CVE-2020-5902 F5 BIG-IP Remote code execution
CVE-2020-15505 MobileIron Remote code execution
CVE-2020-0688 Microsoft Remote code execution
CVE-2019-3396 Atlassian Remote code execution
CVE-2017-11882 Microsoft Remote code execution
CVE-2019-11580 Atlassian Remote code execution
CVE-2018-7600 Drupal Remote code execution
CVE-2019-18935 Telerik Remote code execution
CVE-2019-0604 Microsoft Remote code execution
CVE-2020-0787 Microsoft Elevation of privilege
CVE-2020-1472 Netlogon Elevation of privilege

Of these, the one that was particularly abused was CVE-2019-19781. According to the report, 'The reason why cyber actors such as state institutions or criminals prefer this vulnerability is that it is easy to exploit, Citrix servers are widespread, and the exploitation causes unauthorized remote code execution on the target system. There are things that can be done, etc. '

◆ 2021
The 2021 ones are organized by vendor.
vendor Common Vulnerabilities and Exposures
Microsoft CVE-2021-26855 / CVE-2021-26857 / CVE-2021-26858 / CVE-2021-27065
Pulse CVE-2021-22893 / CVE-2021-22894 / CVE-2021-22899 / CVE-2021-22900
Accellion CVE-2021-27101 / CVE-2021-27102 / CVE-2021-27103 / CVE-2021-27104
VMware CVE-2021-21985
Fortinet CVE-2018-13379 / CVE-2020-12812 / CVE-2019-5591

Among the vulnerabilities exploited in 2021, the one that caused the most damage was ProxyLogon , a series of vulnerabilities found in Microsoft's Exchange Server . Since these vulnerabilities were found in systems widely used by large American companies and government offices, the ProxyLogon problem has evolved into a situation in which the US government issues an emergency directive.

It is also pointed out that the government has issued an emergency directive due to a cyber attack by China, and more than 30,000 organizations have already been hacked --GIGAZINE

Eric Goldstein, CISA's Executive Assistant Director for Cybersecurity, said, 'This joint recommendation is one of CISA's key activities, working with ACSC, NCSC and FBI to work with public and private sectors. The aim is to identify vulnerabilities that companies should prioritize patching and minimize the risk of being exploited by malicious cyber actors. '

in Security, Posted by log1l_ks