Cybersecurity agencies reveal top exploited vulnerabilities of 2021
    In partnership with the NSA and the FBI, cybersecurity authorities worldwide have today released a list of the 15 vulnerabilities most routinely exploited by threat actors during 2021.


    The cybersecurity authorities urged organizations in a joint advisory to promptly patch these security flaws and implement patch management systems to reduce their attack surface.


    Globally, malicious actors have been observed focusing their attacks on internet-facing systems, including email and virtual private network (VPN) servers, using exploits targeting newly disclosed vulnerabilities.


    "U.S., Australian, Canadian, New Zealand, and UK cybersecurity authorities assess, in 2021, malicious cyber actors aggressively targeted newly disclosed critical software vulnerabilities against broad target sets, including public and private sector organizations worldwide," the advisory reads.


    This is likely because, for most of the top exploited bugs of 2021, malicious actors and security researchers released proof-of-concept (PoC) exploits within two weeks of the initial disclosure.


    However, attackers focused some of their attacks on older vulnerabilities patched years before, which shows that some organizations fail to update their systems even when a patch is available.


    The list of the top 15 most exploited security flaws is available below, with links to National Vulnerability Database entries and associated malware.


    | CVE | Vulnerability | Vendor and Product | Type |
    |---|---|---|---|
    | CVE-2021-44228 | Log4Shell | Apache Log4j | Remote code execution (RCE) |
    | CVE-2021-40539 | | Zoho ManageEngine AD SelfService Plus | RCE |
    | CVE-2021-34523 | ProxyShell | Microsoft Exchange Server | Elevation of privilege |
    | CVE-2021-34473 | ProxyShell | Microsoft Exchange Server | RCE |
    | CVE-2021-31207 | ProxyShell | Microsoft Exchange Server | Security feature bypass |
    | CVE-2021-27065 | ProxyLogon | Microsoft Exchange Server | RCE |
    | CVE-2021-26858 | ProxyLogon | Microsoft Exchange Server | RCE |
    | CVE-2021-26857 | ProxyLogon | Microsoft Exchange Server | RCE |
    | CVE-2021-26855 | ProxyLogon | Microsoft Exchange Server | RCE |
    | | | Atlassian Confluence Server and Data Center | Arbitrary code execution |
    | CVE-2021-21972 | | VMware vSphere Client | RCE |
    | CVE-2020-1472 | ZeroLogon | Microsoft Netlogon Remote Protocol (MS-NRPC) | Elevation of privilege |
    | CVE-2020-0688 | | Microsoft Exchange Server | RCE |
    | CVE-2019-11510 | | Pulse Secure Pulse Connect Secure | Arbitrary file reading |
    | CVE-2018-13379 | | Fortinet FortiOS and FortiProxy | Path traversal |

    Mitigation and additional exploitation info

    The US, Australian, Canadian, New Zealand, and UK cybersecurity agencies have also identified 21 additional security vulnerabilities commonly exploited by malicious cyber actors during 2021, including flaws affecting Accellion File Transfer Appliance (FTA), Windows Print Spooler, and Pulse Secure Pulse Connect Secure.


    The joint advisory includes mitigation measures intended to reduce the risk associated with the most heavily exploited flaws detailed above.


    CISA and the FBI previously published a list of the top 10 most exploited security flaws between 2016 and 2019, and a list of the vulnerabilities routinely exploited in 2020, in collaboration with the Australian Cyber Security Centre (ACSC) and the United Kingdom's National Cyber Security Centre (NCSC).


    In November 2021, MITRE also shared a list of the most dangerous programming, design, and architecture security flaws affecting hardware in 2021, as well as the top 25 most common and dangerous weaknesses affecting software over the previous two years.


    "We know that malicious cyber actors go back to what works, which means they target these same critical software vulnerabilities and will continue to do so until companies and organizations address them," said CISA Director Jen Easterly.


    "CISA and our partners are releasing this advisory to highlight the risk that the most commonly exploited vulnerabilities pose to both public and private sector networks.


    "We urge all organizations to assess their vulnerability management practices and take action to mitigate risk to the known exploited vulnerabilities."


