Evansville Headquarters : 812-474-6825
Nashville Location : (615) 208-7726
Security

Top Routinely Exploited Vulnerabilities

  • Comments: 0
  • Posted by: Carissa

Is your organization at risk?

Top Routinely Exploited Vulnerabilities

If you had a list of the Top 30 vulnerabilities routinely exploited by Cyber Criminals in 2020 and 2021, would you want to resolve them?

Cyber security breach mitigation is often as simple as knowing what you have, knowing what is at risk, and doing the right thing to eliminate risk through continuous vulnerability and patch management practices.  Unfortunately, in nearly all breaches and intrusions Keller Schroeder assists with, as well as those throughout the industry, the root cause is typically due to the result of a successful exploitation of a known vulnerability or other routine infrastructure hardening requirements not being implemented.

Anyone who has spent time with me long enough has likely heard me say the phrase, ‘You don’t know what you don’t know, until you know’.  I often utilize this phrase when I am referring to the importance of continuous vulnerability and patch management.  Although you may have the best IT team in the world managing your environment, it is difficult to defend against what you don’t identify.  By having a proven method of always knowing, at a moments notice, what your current risk and vulnerability posture is, you are better prepared to know when to rapidly respond and when to when to relax.

Wouldn’t it be fantastic if a list of known vulnerabilities existed to help you resolve them before your systems are compromised? Luckily, in late July 2021, a Joint Cybersecurity Advisory was coauthored by the US Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the US Federal Bureau of Investigation (FBI). The advisory provides specific details on the top 30 vulnerabilities routinely exploited by malicious cybercriminals in 2020 and into 2021 to help technology teams and organizations across the globe mitigate their risk. You can view this advisory at: https://us-cert.cisa.gov/ncas/alerts/aa21-209a

Four of the heaviest targeted exposures targeted remote workers, VPNs, or cloud-based technologies.  Many victims in 2020 and 2021 could have avoided being a statistic, had they implemented a strong continuous vulnerability and patch management program that would have not only identified these issues earlier, but could have provided the valuable time to mitigate them before they were exploited. The topmost exploited vulnerabilities in 2020 are detailed in the table below.  If any of these vulnerabilities exist in your environment, your chances of being compromised are much higher than those who do not have these exposures.

TOPMOST EXPLOITED VULNERABILITIES IN 2020

VendorCVEType
CitrixCVE-2019-19781Arbitrary Code Execution
PulseCVE 2019-11510Arbitrary File Reading
FortinetCVE 2018-13379Path Traversal
F5 – Big IPCVE 2020-5902Remote Code Execution (RCE)
MobileIronCVE 2020-15505Remote Code Execution (RCE)
MicrosoftCVE-2017-11882Remote Code Execution (RCE)
AtlassianCVE-2019-11580Remote Code Execution (RCE)
DrupalCVE-2018-7600Remote Code Execution (RCE)
TelerikCVE 2019-18935Remote Code Execution (RCE)
MicrosoftCVE-2019-0604Remote Code Execution (RCE)
MicrosoftCVE-2020-0787Elevation of Privilege
NetlogonCVE-2020-1472Elevation of Privilege
Security-Solutions-Group-Blog-Keller-Schroeder

Being in Information Technology since the 80’s and having spent most of that time immersed in the Information Security realm, I have noticed a few commonalities with security incidents and breaches.  Even though technology continues to evolve, the general successful criminal activity tends to exploit the same core insufficiencies around security awareness, system hardening, vulnerability and patch management, and password management.

A few questions to think about…

  • What were the results of your last security assessment? 
  • Do you have room for improvement?
  • Do you know what your current risks are?
  • What are you currently doing for vulnerability and patch management?  Is it working for you?

If you need any assistance with understanding the details within the advisory, understanding your current cybersecurity posture, your preparedness for a breach, or any other cyber security topic, we would love to have a discussion with you.  Contact us today, and let’s chat about your environment and ways to lower your chances of becoming a victim of cybercrime.


Written By:

Brad-Mathis-Keller-Schroeder-Information-Security

Brad Mathis, CISSP
Senior Consultant, Information Security
Keller Schroeder