What are the top 30 vulnerabilities exploited in 2020-2021?

The US, UK, and Australian cybersecurity authorities, including the FBI, disclosed the most exploited vulnerabilities in 2020 and 2021 on July 28, 2021, and appealed for patch application and focus on these vulnerabilities.

The FBI and the Department of Homeland Security cybersecurity infrastructure security agency CISA, the UK Cybersecurity Center NCSC, and the Australian Cybersecurity Center ACSC jointly announced on July 28 (local time) the top 30 commonly exploited vulnerabilities and demanded vigilance from relevant authorities. Recommendation (Alert-AA21-209A) has been issued.

According to the list of vulnerabilities released by the FBI, the 14 most exploited in 2020 (CVE-2019-19781, CVE-2019-11510, CVE-2018-13379, CVE-2020-5902, CVE-2020-15505, CVE-2020) -0688, CVE-2019-3396, CVE-2017-11882, CVE-2019-11580, CVE-2018-7600, CVE-2019-18935, CVE-2019-0604, CVE-2020-0787, CVE-2020-1472 ), the one that was particularly exploited was CVE-2019-19781.

The report states that the reasons why cyber actors such as state agencies and criminals prefer these vulnerabilities are that it is easy to exploit, the Citrix server is widely available, and can be exploited to perform remote code execution on target systems without permission. .

Vulnerabilities exploited in 2021 (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, CVE- 2021-22900, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, CVE-2021-21985, CVE-2018-13379, CVE-2020-12812, CVE-2019- 5591), the most damaging is a vulnerability (ProxyLogon) found in Microsoft Exchange Server. This vulnerability was discovered in systems widely used in large American corporations and government offices, and the problem of proxy logon has developed into a situation in which the US government issues an emergency directive.

According to CISA, this joint recommendation is one of CISA’s important activities, with the purpose of cooperating with other organizations to identify vulnerabilities to which public and private companies will preferentially apply patches and to minimize the risk of malicious cyber actors. Related information can be found here.

What are the top 30 vulnerabilities exploited in 2020-2021?

lswcap

Add comment

Cancel reply

Cell robot confirmed capable of self-replication

Like life, there are limits… Social media limited to 100 posts?

Why women live longer than men

Topics

Recent posts

Cell robot confirmed capable of self-replication

Like life, there are limits… Social media limited to 100 posts?

Why women live longer than men

“Aboriginal herbal medicine is effective for cancer treatment”

Indian government “Starlink, from acquiring licenses before service… ”

What is the reason for the first decline in online sales on Black Friday?

Danish sensibility female front wheel hub motor bike

Spotify abolishes carview mode

Australia plans to compulsorily disclose social media anonymous user information

Email Newsletter

Techrecipe

Follow us

Most popular

Vertical farming and future food

AR office “remote collaboration as augmented reality … “

Electric vehicles in the middle 6 million won? Small EV floats

Agricultural robot development project being promoted by Google parent company

Starlink satellite … Foreshadow the age of global Internet

Tesla who went to the sea? Electric ships float.

UFS 3.0 “Smartphone data transfer speed is two times faster”

How was the ARM architecture born

Dismantling 200 units per hour … Apple 2nd Generation Recycling Robot

Challenges to autonomous vehicle data ownership

Puzzle pieces for the 5G era

Intel · Amazon · Google ‘2nd Generation Smartglass’

Most discussed

What are the top 30 vulnerabilities exploited in 2020-2021?

lswcap

Add comment

You may also like

Topics

Recent posts

Email Newsletter

Techrecipe

Follow us

Most popular

Most discussed