News

Top Exploited Vulnerabilities of 2020 and 2021

Giulio Saggin
Giulio Saggin
Tuesday, 28 November 2023
Top Exploited Vulnerabilities of 2020 and 2021
SecAlerts Stock Image

**A ** Joint Cybersecurity Advisory (JCA) , coauthored by the US Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the UK’s National Cyber Security Centre (NCSC), and the FBI, has found that, in 2020, cyber actors readily exploited disclosed vulnerabilities - the majority of which were disclosed during the past two years - to compromise unpatched systems.

Four of the most targeted vulnerabilities affected remote work, VPNs, or cloud-based technologies; a fact more than likely due to the volume of 'out of office' work brought about by COVID.

CISA, ACSC, NCSC, and FBI consider the following vulnerabilities to be the topmost regularly exploited CVEs by cyber actors during 2020:

Citrix - CVE-2019-19781 _ - arbitrary code execution_

Pulse - CVE-2019-11510 _ - arbitrary file reading_

Fortinet - CVE-2018-13379 _ - path traversal_

F5- Big IP - CVE-2020-5902 _ - remote code execution (RCE)_

MobileIron - CVE-2020-15505 _ - RCE_

Microsoft - CVE-2017-11882 _ - RCE_

Atlassian - CVE-2019-11580 _ - RCE_

Drupal - CVE-2018-7600 _ - RCE_

Telerik - CVE-2019-18935 _ - RCE_

Microsoft - CVE-2019-0604 _ - RCE_

Microsoft - CVE-2020-0787 _ - elevation of privilege_

Netlogon - CVE-2020-1472 _ - elevation of privilege_

In 2021, cyber actors have continued targeting vulnerabilities in perimeter-type devices. The JCA states that priority should be given for patching for the following CVEs, which are known to be exploited ...

Microsoft Exchange:

CVE-2021-26855

CVE-2021-26857

CVE-2021-26858

CVE-2021-27065

Pulse Secure:

CVE-2021-22893

CVE-2021-22894

CVE-2021-22899

CVE-2021-22900

Accellion:

CVE-2021-27101

CVE-2021-27102

CVE-2021-27103

CVE-2021-27104

VMware:

CVE-2021-21985

Fortinet:

CVE-2018-13379

CVE-2020-12812

CVE-2019-5591

The JCA advises that updating software versions once patches are available is the best way to mitigate many vulnerabilities. However, they state that if this isn't possible, "consider applying temporary workarounds or other mitigations, if provided by the vendor ... to further assist remediation, automatic software updates should be enabled whenever possible."

Businesses often use multiple software and keeping across all the vendors and their updates etc can be time-consuming and lead to missed alerts which, in turn, leaves them at risk. Automated software updates is one way of preventing this.

Bad actors ply their trade in many ways and using software vulnerabilities to access computers and their networks is one of them. Making sure your software is up to date is one way to ensure the safety of your business.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203