'Top 30 vulnerabilities exploited in 2020 and 2021' announced by the FBI and other cybersecurity authorities in the United States, United Kingdom and Australia
On July 28, 2021, cybersecurity authorities in the United States, United Kingdom, and Australia, such as the Federal Bureau of Investigation (FBI), released a list of the most exploited vulnerabilities in 2020 and 2021 and called for patching and special caution regarding these vulnerabilities.
Top Routinely Exploited Vulnerabilities | CISA
https://us-cert.cisa.gov/ncas/alerts/aa21-209a
US, UK, Australia issue joint advisory on today's top exploited vulnerabilities --The Record by Recorded Future
https://therecord.media/us-uk-australia-issue-joint-advisory-on-todays-top-exploited-vulnerabilities/
The US FBI and the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security, the National Cyber Security Centre (NCSC) of the United Kingdom, and the Australian Cyber Security Centre (ACSC) announced on July 28 'Alert (AA21-209A)', a joint advisory that summarizes the top 30 routinely exploited vulnerabilities and calls for caution from related organizations.
◆ 2020
The 14 vulnerabilities most exploited in 2020, as published by the FBI and others, are:
CVE | Vendor | Type |
---|---|---|
CVE-2019-19781 | Citrix | Arbitrary code execution |
CVE-2019-11510 | Pulse | Arbitrary file read |
CVE-2018-13379 | Fortinet | Path traversal |
CVE-2020-5902 | F5 BIG-IP | Remote code execution |
CVE-2020-15505 | MobileIron | Remote code execution |
CVE-2020-0688 | Microsoft | Remote code execution |
CVE-2019-3396 | Atlassian | Remote code execution |
CVE-2017-11882 | Microsoft | Remote code execution |
CVE-2019-11580 | Atlassian | Remote code execution |
CVE-2018-7600 | Drupal | Remote code execution |
CVE-2019-18935 | Telerik | Remote code execution |
CVE-2019-0604 | Microsoft | Remote code execution |
CVE-2020-0787 | Microsoft | Elevation of privilege |
CVE-2020-1472 | Netlogon | Elevation of privilege |
Of these, the most heavily abused was CVE-2019-19781. According to the report, 'The reason why cyber actors such as state institutions or criminals prefer this vulnerability is that it is easy to exploit, Citrix servers are widespread, and exploitation enables unauthorized remote code execution on the target system, among other reasons.'
◆ 2021
The vulnerabilities exploited in 2021 are organized by vendor.
Vendor | CVE |
---|---|
Microsoft | CVE-2021-26855 / CVE-2021-26857 / CVE-2021-26858 / CVE-2021-27065 |
Pulse | CVE-2021-22893 / CVE-2021-22894 / CVE-2021-22899 / CVE-2021-22900 |
Accellion | CVE-2021-27101 / CVE-2021-27102 / CVE-2021-27103 / CVE-2021-27104 |
VMware | CVE-2021-21985 |
Fortinet | CVE-2018-13379 / CVE-2020-12812 / CVE-2019-5591 |
Among the vulnerabilities exploited in 2021, the one that caused the most damage was ProxyLogon, a series of vulnerabilities found in Microsoft's Exchange Server. Because these vulnerabilities were found in systems widely used by large American companies and government offices, the ProxyLogon problem escalated to the point where the US government issued an emergency directive.
It is also pointed out that the government has issued an emergency directive due to a cyber attack by China, and more than 30,000 organizations have already been hacked --GIGAZINE
Eric Goldstein, CISA's Executive Assistant Director for Cybersecurity, said, 'This joint recommendation is one of CISA's key activities, working with ACSC, NCSC and FBI and with the public and private sectors. The aim is to identify vulnerabilities that companies should prioritize patching and minimize the risk of being exploited by malicious cyber actors.'
in Security, Posted by log1l_ks