In collaboration with the cybersecurity agencies from Australia and the UK, the US FBI and CISA have described the top 30 vulnerabilities of the last two years.
Most are vulnerabilities in remote-access tools such as cloud technologies and VPN devices, which affect work-from-home employees. In detailing them, the agencies recommend that private and public organizations apply available patches immediately.
Top 30 Vulnerabilities Since 2020
Detection, mitigation, and awareness are the top duties of any country's central cybersecurity agencies.
As part of that awareness work, the cybersecurity agencies of the UK (National Cyber Security Centre) and Australia (Australian Cyber Security Centre) have teamed up with the US FBI and CISA to list the top 30 security vulnerabilities of the last two years.
Most of them are leveraged by threat actors in various ways and exploited for personal gain. The agencies therefore advise organizations to be aware of the listed vulnerabilities and recommend doing what's best.
According to the joint advisory, the vulnerabilities found and targeted most are in remote tools like Virtual Private Networks (VPNs) and cloud technologies, which companies have used extensively since the rise of the COVID-19 pandemic.
The pandemic pushed everyone back home and prioritized work-from-home. Unfortunately, many employees did not learn or apply basic security defenses, making them vulnerable to hackers.
These are the top vulnerabilities listed by the cybersecurity agencies in the joint advisory:

| Vendor / Product | CVE | Type |
|---|---|---|
| Citrix | CVE-2019-19781 | arbitrary code execution |
| Pulse | CVE-2019-11510 | arbitrary file reading |
| Fortinet | CVE-2018-13379 | path traversal |
| F5 BIG-IP | CVE-2020-5902 | remote code execution (RCE) |
| Microsoft | CVE-2020-0787 | elevation of privilege |
| Netlogon | CVE-2020-1472 | elevation of privilege |

Summarizing the advisory, the group said highly exploited vulnerabilities were seen in software from Microsoft, Pulse, Accellion, VMware, and Fortinet.
The group recommends applying the security patches as soon as possible to avoid falling prey to threat actors. Organizations that have skipped the patches are advised to check for compromise and initiate incident response and recovery plans.
The advisory also contains the indicators of compromise, recommended mitigations, detection methods, and links to patches for each vulnerability.