Monday, November 29, 2021

Top 20 most exploited software vulnerabilities

Recently, CISA (Cybersecurity and Infrastructure Security Agency), a U.S. cyber security agency, and the Federal Bureau of Investigation (FBI) published a list of the top 20 most exploited software vulnerabilities across the last 6 years, between 2016 and 2021.

The agency urges businesses in the private and public sectors to apply the available updates to their networks and to implement centralized patch management systems to prevent cyberattacks.

List of the most exploited software vulnerabilities 

The list below will help you identify the malware associated with exploitation of each CVE (Common Vulnerabilities and Exposures) entry. It includes the vulnerable products, CVE numbers, and mitigation strategies.

  1. CVE-2012-0158

Vulnerable products: Microsoft Office 2003 SP3, 2007 SP2, and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0

Associated malware: Dridex

Mitigation: Update affected Microsoft products with the latest security patches

  2. CVE-2015-1641

Vulnerable products: Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1

Associated malware: Toshliph, UWarrior

Mitigation: Update affected Microsoft products with the latest security patches

  3. CVE-2017-11882

Vulnerable products: Microsoft Office 2007 SP3/2010 SP2/2013 SP1/2016 Products

Associated malware: Loki, FormBook, Pony/FAREIT

Mitigation: Update affected Microsoft products with the latest security patches

  4. CVE-2017-0199

Vulnerable products: Microsoft Office 2007 SP3/2010 SP2/2013 SP1/2016, Vista SP2, Server 2008 SP2, Windows 7 SP1, Windows 8.1

Associated malware: FINSPY, LATENTBOT, Dridex

Mitigation: Update affected Microsoft products with the latest security patches

  5. CVE-2017-5638

Vulnerable products: Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1

Associated malware: JexBoss

Mitigation: Upgrade to Struts 2.3.32 or Struts 2.5.10.1

  6. CVE-2017-0143

Vulnerable products: Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016

Associated malware: Multiple using the EternalSynergy and EternalBlue Exploit Kit

Mitigation: Update affected Microsoft products with the latest security patches

  7. CVE-2017-8759

Vulnerable products: Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7

Associated malware: FINSPY, FinFisher, WingBird

Mitigation: Update affected Microsoft products with the latest security patches

  8. CVE-2018-4878

Vulnerable products: Adobe Flash Player before 28.0.0.161

Associated malware: DOGCALL

Mitigation: Update Adobe Flash Player installation to the latest version

  9. CVE-2018-7600

Vulnerable products: Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1

Associated malware: Kitty

Mitigation: Upgrade to the most recent version of Drupal 7 or 8 core

  10. CVE-2019-0406

Vulnerable products: Microsoft SharePoint

Associated malware: China Chopper

Mitigation: Update affected Microsoft products with the latest security patches

  11. CVE-2019-11510

Vulnerable products: Pulse Connect Secure 9.0R1 – 9.0R3.3, 8.3R1 – 8.3R7, 8.2R1 – 8.2R12, 8.1R1 – 8.1R15 and Pulse Policy Secure 9.0R1 – 9.0R3.1, 5.4R1 – 5.4R7, 5.3R1 – 5.3R12, 5.2R1 – 5.2R12, 5.1R1 – 5.1R15

Mitigation: Update affected Pulse Secure devices with the latest security patches

  12. CVE-2019-19781

Vulnerable products: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SDWAN WANOP

Mitigation: Update affected Citrix devices with the latest security patches

  13. CVE-2020-5902

Vulnerable products: BIG-IP (LTM, AAM, Advanced WAF, AFM, Analytics, APM, ASM, DDHD, DNS, FPS, GTM, Link Controller, PEM, SSLO, CGNAT) 15.1.0, 15.0.0-15.0.1, 14.1.0-14.1.2, 13.1.0-13.1.3, 12.1.0-12.1.5, and 11.6.1-11.6.5

Mitigation: Upgrade to available secure versions

  14. CVE-2020-15505

Vulnerable products: MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0, and 10.6.0.0; Sentry versions 9.7.2 and earlier and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1

Mitigation: Download and install a fixed version of the software

  15. CVE-2020-0688

Vulnerable products: Microsoft Exchange Server 2019 Cumulative Update 3 and 4, 2016 Cumulative Update 14 and 15, 2013 Cumulative Update 23, and 2010 Service Pack 3 Update Rollup 30 

Mitigation: Download and install a fixed version of the software

  16. CVE-2020-1472

Vulnerable products: All versions of Windows Server 2019; all versions of Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; and Windows Server versions 1909/1903/1809

Mitigation: Apply the security updates as recommended in the Microsoft Netlogon security advisory

  17. CVE-2021-27101

Vulnerable products: FTA 9_12_370 and earlier

Mitigation: Update Accellion FTA to version FTA_9_12_432 or later

  18. CVE-2021-27102

Vulnerable products: FTA versions 9_12_411 and earlier

Mitigation: Update Accellion FTA to version FTA_9_12_432 or later

  19. Oversights in Microsoft O365 security configurations

Vulnerable products: Microsoft O365

Mitigation: Follow Microsoft O365 security recommendations

  20. Organizational cybersecurity weaknesses

Vulnerable products: Systems, networks, and data

Mitigation: Follow cybersecurity best practices

What about unknown software vulnerabilities?

Vulnerabilities that have not been made known publicly (exploitable through 0-day exploits) pose a threat to business networks. 

While penetration testing can unearth unknown vulnerabilities, some cybersecurity agencies observe that known cyberattacks with known mitigation solutions still pose a bigger threat to companies compared to 0-day exploits. 

Although you may not always control the exploitation of unknown vulnerabilities on your network, you can take action against known vulnerabilities.
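One way to act on the affected-version ranges quoted in the list is to check a software inventory against them. The following is an added example, not code from CISA or from this article; it encodes only the Struts, Drupal and Flash Player ranges stated above, and the product keys, host names and inventory rows are constructed for illustration.

```python
# Added example; product keys and inventory rows are constructed.
# Rule: (product key, CVE, [(branch or None, first fixed version), ...])
RULES = [
    ("apache-struts", "CVE-2017-5638",
     [("2.3", "2.3.32"), ("2.5", "2.5.10.1")]),
    ("drupal", "CVE-2018-7600",
     [(None, "7.58"), ("8", "8.3.9"), ("8.4", "8.4.6"), ("8.5", "8.5.1")]),
    ("adobe-flash-player", "CVE-2018-4878", [(None, "28.0.0.161")]),
]

def parse_version(text):
    """'2.5.10.1' -> (2, 5, 10, 1). Raises ValueError on non-numeric parts."""
    return tuple(int(p) for p in text.strip().split("."))

def in_affected_range(version, branch, fixed):
    """True if version is on the branch (when given) and older than the fix."""
    v = parse_version(version)
    if branch is not None:
        b = parse_version(branch)
        # Compare components, not strings: "2.50" is not on the 2.5 branch.
        if v[:len(b)] != b:
            return False
    return v < parse_version(fixed)

def audit(inventory):
    """Return (host, product, version, finding) for every affected entry."""
    findings = []
    for host, product, version in inventory:
        for rule_product, cve, ranges in RULES:
            if product != rule_product:
                continue
            try:
                hit = any(in_affected_range(version, b, f) for b, f in ranges)
                note = cve
            except ValueError:
                # Fail closed: an unreadable version is reported for review.
                hit, note = True, cve + " (version unparseable)"
            if hit:
                findings.append((host, product, version, note))
    return findings

SAMPLE_INVENTORY = [  # constructed sample data
    ("web-01", "apache-struts", "2.5.10"), ("web-02", "apache-struts", "2.5.10.1"),
    ("cms-01", "drupal", "8.4.5"), ("cms-02", "drupal", "8.5.1"),
    ("kiosk-01", "adobe-flash-player", "28.0.0.137"), ("app-01", "apache-struts", "2.3.x"),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_INVENTORY):
        print(*finding)
```

Versions are compared as integer tuples, so 2.5.10 sorts before the fixed 2.5.10.1 and is reported, while an entry whose version cannot be parsed is flagged for manual review instead of being silently passed.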

How to protect your network against software hacks

Vulnerability management can be difficult because it requires making decisions that account for business objectives, data and asset classification, risk, and more. However, Cisco Integrated Services Router can help you identify, prioritize and mitigate existing vulnerabilities so that you enhance the security of your most important assets.


Maclean Odiesa
Maclean is a tech freelance writer with 7+ years in content strategy and development. She is also a pillar pages specialist and SEO expert.
