
In collaboration with the cybersecurity agencies from Australia and the UK, the US FBI and CISA have described the top 30 vulnerabilities of the last two years.

These mostly include vulnerabilities in remote tools like cloud technologies and VPN devices, affecting work-from-home employees. Detailing them, the agencies recommend that private and public organizations apply available patches immediately.

Top 30 Vulnerabilities Since 2020

Detection, mitigation, and awareness are the top duties of any country's central cybersecurity agencies.

As a part of awareness, the cybersecurity agencies from the UK (National Cyber Security Centre) and Australia (Australian Cyber Security Centre) have teamed up with the US FBI and CISA to list the top 30 security vulnerabilities of the last two years.

Most of them are leveraged by threat actors in various ways and exploited for personal gain. The agencies therefore advise organizations to be aware of the listed vulnerabilities and recommend doing what's best.

As per their joint advisory, the agencies said that vulnerabilities are most often found and targeted in remote tools like Virtual Private Networks (VPNs) and cloud technologies, because corporations have used them extensively since the rise of the COVID-19 pandemic.

The pandemic pushed everyone back home and made work-from-home a priority. Unfortunately, many employees have not learned or applied basic security defenses, making them vulnerable to hackers.

These are the top vulnerabilities listed by the cybersecurity agencies in the joint advisory:

| Vendor | CVE | Type |
|---|---|---|
| Citrix | CVE-2019-19781 | arbitrary code execution |
| Pulse | CVE-2019-11510 | arbitrary file reading |
| Fortinet | CVE-2018-13379 | path traversal |
| F5 BIG-IP | CVE-2020-5902 | remote code execution (RCE) |
| MobileIron | CVE-2020-15505 | RCE |
| Microsoft | CVE-2017-11882 | RCE |
| Atlassian | CVE-2019-11580 | RCE |
| Drupal | CVE-2018-7600 | RCE |
| Telerik | CVE-2019-18935 | RCE |
| Microsoft | CVE-2019-0604 | RCE |
| Microsoft | CVE-2020-0787 | elevation of privilege |
| Netlogon | CVE-2020-1472 | elevation of privilege |

Summarizing the advisory, the group said highly exploited vulnerabilities were seen in software from Microsoft, Pulse, Accellion, VMware, and Fortinet.

The group recommends applying the security patches as soon as possible to avoid falling prey to threat actors. Organizations that have skipped patching are advised to check for signs of compromise and initiate incident response and recovery plans.

The advisory also contains the indicators of compromise, recommended mitigations, detection methods, and links to patches for each vulnerability.
