These Were the Top Most Exploited Flaws That You Need to Patch Immediately

  • CISA has published its 2020 list with the most targeted and leveraged software vulnerabilities.
  • Only a small portion of them concerns flaws discovered and fixed in 2020, as the majority are older.
  • For 2021, the biggest troubles come from MS Exchange, Pulse Secure, Accellion, VMware, and Fortinet VPN.

CISA, ACSC, the NCSC, and the FBI have compiled a list of the most exploited vulnerabilities targeted by malicious actors in 2020, and if any of these concern you, you should consider patching them long overdue. In a pandemic-hit world, actors mostly focused on flaws in VPNs, remote work tools, cloud-based solutions, etc. At the same time, the poor coordination of scattered IT teams responsible for defending against threats didn’t help mitigate the situation.

These are the top routinely exploited CVEs in 2020:

  • CVE-2019-19781 – Arbitrary code execution in Citrix ADC and Gateway
  • CVE-2019-11510 – Arbitrary file reading in Pulse Secure VPN
  • CVE-2018-13379 – Path traversal in Fortinet FortiOS SSL VPN
  • CVE-2020-5902 – Remote code execution in F5 BIG-IP
  • CVE-2020-15505 – Remote code execution in MobileIron Core and Connector
  • CVE-2017-11882 – Remote code execution in Microsoft Office
  • CVE-2019-11580 – Remote code execution in Atlassian Crowd and Crowd Data Center
  • CVE-2018-7600 – Remote code execution in Drupal
  • CVE-2019-18935 – Remote code execution in Telerik UI for ASP.NET AJAX
  • CVE-2019-0604 – Remote code execution in Microsoft SharePoint
  • CVE-2020-0787 – Elevation of privilege in Microsoft Windows Background Intelligent Transfer Service (BITS)
  • CVE-2020-1472 – Elevation of privilege in Netlogon

While four out of the twelve flaws mentioned above were discovered and patched in 2020, the rest were one, two, and even three years old. In fact, CVE-2017-11882 was included in CISA’s top 10 most exploited vulnerabilities to patch for 2019, yet it remained one of the most leveraged flaws in 2020. The same goes for the CVE-2018-7600 (Drupal) and CVE-2019-0604 (SharePoint). There’s just no excuse for leaving these products unpatched in 2021.

As for the running year, CISA has gathered enough data to be in a position to compile a tentative list, so here are the most targeted flaws in 2021:

  • Microsoft Exchange: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065
  • Pulse Secure: CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, and CVE-2021-22900
  • Accellion: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104
  • VMware: CVE-2021-21985
  • Fortinet: CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591

The agency has provided a list of mitigations for each of the above vulnerabilities, so if you can’t apply the patches through software updates for any reason, you should at least consult the advisory and figure out how you can minimize the risk of exploitation. Remember, these flaws are being used in automated scanning operations that can map large portions of the web, and the vulnerable endpoints are then used for dropping web shells and are then typically sold to ransomware actors.
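To turn the two lists above into a patch queue, the following added example (not code from CISA or from this article's author) matches vulnerability-scanner findings against the listed CVEs and sorts the hits oldest first. The host names, the finding strings, and the `triage` and `normalize` helpers are assumptions made for illustration; only the CVE IDs come from the article.

```python
import re

# CVE IDs copied from the two lists in this article, grouped by product.
LISTED_TEXT = """\
Citrix ADC and Gateway: CVE-2019-19781
Pulse Secure: CVE-2019-11510 CVE-2021-22893 CVE-2021-22894 CVE-2021-22899 CVE-2021-22900
Fortinet: CVE-2018-13379 CVE-2020-12812 CVE-2019-5591
F5 BIG-IP: CVE-2020-5902
MobileIron Core and Connector: CVE-2020-15505
Microsoft Office: CVE-2017-11882
Atlassian Crowd: CVE-2019-11580
Drupal: CVE-2018-7600
Telerik UI for ASP.NET AJAX: CVE-2019-18935
Microsoft SharePoint: CVE-2019-0604
Windows BITS: CVE-2020-0787
Netlogon: CVE-2020-1472
Microsoft Exchange: CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065
Accellion: CVE-2021-27101 CVE-2021-27102 CVE-2021-27103 CVE-2021-27104
VMware: CVE-2021-21985
"""
CVE_RE = re.compile(r"CVE[-_ ]?(\d{4})[-_ ]?(\d{4,})", re.IGNORECASE)

def normalize(text):
    """Canonical CVE IDs found in free text (tolerates lower case, missing hyphen)."""
    return [f"CVE-{year}-{num}" for year, num in CVE_RE.findall(text)]

LISTED = {cve: line.split(": ", 1)[0]
          for line in LISTED_TEXT.splitlines() for cve in normalize(line)}

def triage(findings, current_year=2021):
    """findings: (host, finding text) pairs. Returns listed hits, oldest CVE first."""
    hits = set()
    for host, text in findings:
        for cve in normalize(text):
            if cve in LISTED:
                # Age is taken from the year embedded in the CVE ID.
                hits.add((current_year - int(cve.split("-")[1]), cve, LISTED[cve], host))
    return sorted(hits, key=lambda h: (-h[0], h[1], h[3]))

# Constructed scanner output, not real data.
SAMPLE = [
    ("vpn-gw-01", "Fortinet FortiOS path traversal (CVE-2018-13379)"),
    ("mail-02", "exchange ssrf cve2021-26855; CVE-2021-27065"),
    ("ws-114", "Office equation editor CVE-2017-11882"),
    ("web-07", "OpenSSL CVE-2016-2107"),  # not on either list, so it is skipped
]
```

Calling `triage(SAMPLE)` returns tuples of (age in years, CVE, product, host); findings whose CVE is on neither list are dropped rather than reported.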
